[FX.php List] Fwd: spam and php fmp sites

Joel Shapiro jsfmp at earthlink.net
Thu Oct 18 13:42:15 MDT 2007

Hi William

I thought of that, but are there "simple" captchas?


On Oct 18, 2007, at 12:38 PM, William Downs wrote:

> Hi Joel,
> would it not help to implement a simple Captcha ?
> William
> On 10/18/07, Joel Shapiro <jsfmp at earthlink.net> wrote:
>> Hi all
>> I'm forwarding something from a local colleague.  He's got a site
>> that's getting hit with form submissions by spammers.
>> He works for a school district.  The site is not meant for the
>> general public, although it is apparently publicly available and is
>> not password protected.
>> Any quick suggestions for them?
>> (Sorry the post is so long, but I figured I might as well forward his
>> whole message.)
>> Thanks,
>> -Joel
>> Begin forwarded message:
>>> Subject: spam and php fmp sites
>>> Any suggestions on how to stop spam from being submitted on a PHP
>>> FileMaker
>>> web registration solution, running on a Windows 2003 Server with
>>> FMAS9?
>>> The solution does not ask for any password.  Users can hit it over
>>> the web.
>>> I am not sure how spammers found it if not from webbots....
>>> One of the functions of the solution is to allow users to send a
>>> suggestion
>>> via email.  The user goes to a page where they fill in a suggestion
>>> text
>>> field and hit a submit button which creates are record and
>>> generates an
>>> email message with to a backend fmp user with the contents of the
>>> suggestion
>>> field they filled out.
>>> -------------Some spam is beig generated from this function where
>>> the emails
>>> sent contain spam url's that heve been entered into the suggestion
>>> text
>>> field.
>>> Another function of the solution is where users can register for a
>>> workshop.
>>> They choose a workshop from a list and then fill in their user
>>> information
>>> and then click a "register" (submit) button which creates a new
>>> record in
>>> the solution.  Spam URL's are appearing in the user background
>>> infomration
>>> text fields from these bogus registrations.
>>> I was thinking that if I required authentication from one account
>>> therefore
>>> giving all users of the system the same password would prevent the
>>> spam.
>>> or
>>> The instead of FM authentication, make it look like there is a
>>> password
>>> needed by giving out to all users a universal password which is
>>> actually
>>> just a phrase they enter into a field when first entering the
>>> solution and
>>> clicking on a submit button which does a search for that
>>> phrase...if the
>>> phrase is not correct they are sent to an error page if it is found
>>> they are
>>> taken to the registration menu.
>>> Any ideas on how to stop this?  Is anyone encountering similar
>>> problems...where spammers are filing out forms and submitting them
>>> with SPAM
>>> content??
>>> Thanks for your help!
>> _______________________________________________
>> FX.php_List mailing list
>> FX.php_List at mail.iviking.org
>> http://www.iviking.org/mailman/listinfo/fx.php_list
> -- 
> William Downs
> Development and Support
> BD Databases Ltd
> _______________________________________________
> FX.php_List mailing list
> FX.php_List at mail.iviking.org
> http://www.iviking.org/mailman/listinfo/fx.php_list

More information about the FX.php_List mailing list