[FX.php List] Fwd: spam and php fmp sites

Bob Patin bob at patin.com
Thu Oct 18 13:51:00 MDT 2007 

I use a validation routine, much like blog post pages do; it ensures  
that the forms are being submitted by humans, and has stopped that  
problem on my own and clients' sites.

I have a set of number images (one per digit); I create a 6 or 7- 
digit random number, which dictates what set of 6 or 7 number images  
are put together to form a single image. Then the user has to type in  
the number that he sees, which allows the post to be made.

Bob Patin
Longterm Solutions
bob at longtermsolutions.com
615-333-6858
http://www.longtermsolutions.com
Member of FileMaker Business Alliance and FileMaker TechNet

   CONTACT US VIA INSTANT MESSAGING:
      AIM or iChat: longterm1954
      Yahoo: longterm_solutions
      MSN: tech at longtermsolutions.com
      ICQ: 159333060

--------------------------
Contact us for FileMaker hosting for all versions of FileMaker
PHP • CDML • Full email services • Free DNS hosting • Colocation •  
Consulting


On Oct 18, 2007, at 2:04 PM, Joel Shapiro wrote:

> Hi all
>
> I'm forwarding something from a local colleague.  He's got a site  
> that's getting hit with form submissions by spammers.
>
> He works for a school district.  The site is not meant for the  
> general public, although it is apparently publicly available and is  
> not password protected.
>
> Any quick suggestions for them?
>
> (Sorry the post is so long, but I figured I might as well forward  
> his whole message.)
>
> Thanks,
> -Joel
>
>
> Begin forwarded message:
>
>> Subject: spam and php fmp sites
>>
>> Any suggestions on how to stop spam from being submitted on a PHP  
>> FileMaker
>> web registration solution, running on a Windows 2003 Server with  
>> FMAS9?
>>
>> The solution does not ask for any password.  Users can hit it over  
>> the web.
>> I am not sure how spammers found it if not from webbots....
>>
>> One of the functions of the solution is to allow users to send a  
>> suggestion
>> via email.  The user goes to a page where they fill in a  
>> suggestion text
>> field and hit a submit button which creates are record and  
>> generates an
>> email message with to a backend fmp user with the contents of the  
>> suggestion
>> field they filled out.
>> -------------Some spam is beig generated from this function where  
>> the emails
>> sent contain spam url's that heve been entered into the suggestion  
>> text
>> field.
>>
>> Another function of the solution is where users can register for a  
>> workshop.
>> They choose a workshop from a list and then fill in their user  
>> information
>> and then click a "register" (submit) button which creates a new  
>> record in
>> the solution.  Spam URL's are appearing in the user background  
>> infomration
>> text fields from these bogus registrations.
>>
>> I was thinking that if I required authentication from one account  
>> therefore
>> giving all users of the system the same password would prevent the  
>> spam.
>>
>> or
>>
>> The instead of FM authentication, make it look like there is a  
>> password
>> needed by giving out to all users a universal password which is  
>> actually
>> just a phrase they enter into a field when first entering the  
>> solution and
>> clicking on a submit button which does a search for that  
>> phrase...if the
>> phrase is not correct they are sent to an error page if it is  
>> found they are
>> taken to the registration menu.
>>
>> Any ideas on how to stop this?  Is anyone encountering similar
>> problems...where spammers are filing out forms and submitting them  
>> with SPAM
>> content??
>>
>> Thanks for your help!
>
> _______________________________________________
> FX.php_List mailing list
> FX.php_List at mail.iviking.org
> http://www.iviking.org/mailman/listinfo/fx.php_list

More information about the FX.php_List mailing list