Need help stopping form submission spam.

Does a visual security code stop abusive submissions?

         

silverbytes

11:14 pm on Sep 12, 2005 (gmt 0)




I tried to stop the spam I receive repeatedly (probably a bot or automated spam) by putting in a captcha (a visual code users must enter to send the form).
I uploaded the page today but am still getting spam. I think the old page is probably cached, so the abusive bot or user doesn't see the code and keeps sending garbage.

But I wonder if it will stop, or is there any other option?

I looked at the logs and they show different IPs and countries :(

Any ideas?

Swordfish

12:33 am on Sep 21, 2005 (gmt 0)




I redesigned my form script in PHP to only allow e-mails to a certain e-mail address and not from any other..

The spam script is submitting forms like crazy..

buksida

5:41 am on Sep 21, 2005 (gmt 0)




Well, I spoke too soon, they're back again today, but only a few and they're totally blank.

Can you show us your modified PHP script? The one I have is obviously still not stopping them.

A hosting change has been on the cards for a while now ... it's just a big job I'm not looking forward to.

silverbytes

2:52 pm on Sep 21, 2005 (gmt 0)




Bad news here. The attack continues and blank forms keep coming. The answer of my hated hosting service is:
"don't allow CC or other public variables that may be executed with external scripts"
If anyone has code to add to our PHP forms, that would be great...

rocknbil

7:10 pm on Sep 21, 2005 (gmt 0)




Yeah, they go away for a while, allow you to become complacent . . . then hit it again. :-(

silverbytes, if you're using PHP, this page will tell you what you know:

[securephp.damonkohler.com...]

There are some comments that the fixes mentioned there are still vulnerable but it will slow them down, a LOT. I know you say you're not a programmer but to fix this you have to (somewhat) understand how they are doing it and then get in and get your hands dirty. :-) That article will tell you what you need to know.

kaled

10:24 pm on Sep 21, 2005 (gmt 0)




Modify the script so that if the body is blank no mail is sent. It really shouldn't be that difficult.

I get a few of these and then nothing for several days. If it becomes an issue to me, I'll certainly make this change to my script.

Kaled.

buksida

6:42 am on Sep 22, 2005 (gmt 0)




I've had a read through that article ... twice, so if we put all the headers in ourselves it will stop the spamming attack?

Again my PHP kungfu really is not very strong and we seem to be going round in circles here. This is what I have at the moment:

<?php
// Here's the script for the form.

// Strip CR, LF and "Content-Type:" from every submitted value (recurses into arrays).
function clean_variables( &$value )
{
    if(is_array($value)){
        // array_walk() takes the array by reference itself; a call-time "&" is a fatal error in current PHP.
        array_walk($value,'clean_variables');
        return;
    } else {
        $value = str_replace(array("\r","\n","Content-Type:"),"",$value);
    }
}
clean_variables($_POST);

$name=$_POST['realname'];
$email=$_POST['email'];
$comments=$_POST['comments'];
// The check has to run after $email is assigned; stripos() replaces eregi(), which was removed in PHP 7.
if (stripos($email,"mydomain.com") !== false){die("Die spammer!");}
$to="info@mydomain.com";
$message="$name just filled in your inquiry form. They said:\n$comments\n\nTheir e-mail address was: $email";
// The submitted address is still used as the From header here.
if(mail($to,"Inquiry from My Website",$message,"From: $email\n")) {
    echo "<font face=\"Veranda\">Thanks for your inquiry. Click back to return to My Website.</font>";
} else {
    echo "<font face=\"Veranda\">There was a problem sending the mail. Please check that you filled in the form correctly.</font>";
}
?>

What do I need to add/remove from that to stop these bastards? Sorry if this is painfully obvious and simple to some people but I'm no programmer.
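
Added example, not part of the original thread or any poster's script: one way to combine the measures suggested in the posts above (reject line breaks in the address that goes into a header, send nothing when the body is blank, keep the visitor's address out of From). The field names and the info@mydomain.com address follow buksida's script; the function names check_inquiry and send_inquiry are hypothetical.

```php
<?php
// Added example; check_inquiry() and send_inquiry() are hypothetical names.
const RECIPIENT = 'info@mydomain.com';   // fixed here, never read from the form

// Returns array($errors, $clean); mail is sent only when $errors is empty.
function check_inquiry(array $post)
{
    $errors = array();
    $clean  = array();
    foreach (array('realname', 'email', 'comments') as $field) {
        $value = isset($post[$field]) ? $post[$field] : '';
        // The form only ever sends strings; treat anything else as missing.
        $clean[$field] = is_string($value) ? trim($value) : '';
    }
    // The address goes into a header: reject a line break rather than strip it.
    if (preg_match('/[\r\n]/', $clean['email'])) {
        $errors[] = 'email contains a line break';
    }
    if (filter_var($clean['email'], FILTER_VALIDATE_EMAIL) === false) {
        $errors[] = 'email is not a valid address';
    }
    // kaled's suggestion: a blank body is never mailed.
    if ($clean['comments'] === '') {
        $errors[] = 'comments is empty';
    }
    return array($errors, $clean);
}

function send_inquiry(array $clean)
{
    $message = $clean['realname'] . " just filled in your inquiry form. They said:\n"
             . $clean['comments'] . "\n\nTheir e-mail address was: " . $clean['email'];
    // From stays on the site's own address; the visitor goes in Reply-To only.
    $headers = 'From: ' . RECIPIENT . "\r\nReply-To: " . $clean['email'];
    return mail(RECIPIENT, 'Inquiry from My Website', $message, $headers);
}

// Constructed sample: blank comments and a line break inside the address.
$sample = array(
    'realname' => 'x',
    'email'    => "visitor@example.com\nCc: other@example.com",
    'comments' => '',
);
list($errors, $clean) = check_inquiry($sample);
if ($errors) {
    echo 'Rejected: ' . implode('; ', $errors) . "\n";
} else {
    send_inquiry($clean);
}
```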

silverbytes

6:35 pm on Sep 24, 2005 (gmt 0)




Does anybody actually have PHP form code that is strong enough, which we can test on our websites to see if it still gets spammed? (If it has a captcha, even better.)

buksida

7:24 am on Sep 29, 2005 (gmt 0)




Since nobody knew how to fix this I have moved the site to another server and have had none of them for the past 4 days.

Mokita

11:48 pm on Oct 8, 2005 (gmt 0)




Does anybody actually have PHP form code that is strong enough, which we can test on our websites to see if it still gets spammed?

In one site, I have a simple php contact form from "thesitewizard" which got the spam. But in two other sites I use the Level 10 php form [leveltendesign.com...] and neither of those received any spam. So I guess that it is pretty strong.

However, the spam flood abruptly stopped around the end of September so there probably isn't much chance of testing it in your site now. Unless, heaven forbid, the assault starts again.

I don't know if anyone else received the same spam through an onsite php Search script - but I did. Fortunately the script author was on to it pretty quickly and released an update that prevents it.
