[Pro] Problems with spam?

One of my clients is starting to receive a lot of bogus requests via a free offer form that’s on his website. I designed the form using easiForm, which has a robot spam block, so apparently the form is being filled in by actual people. Nearly all of the requests are coming from Russia. Unfortunately, my client is getting really annoyed and has even requested that we remove the form.

Is there anyway I can block or filter out some of these bogus requests?


freewaytalk mailing list
email@hidden
Update your subscriptions at:
http://freewaytalk.net/person/options

This can be tricky. I had a similar problem with a site I did that used Tim Plumb’s Feedback Form. I had even implemented the latest features to try to bring the spam down and it didn’t help. Then, on a whim, I tried an idea.

I changed the URL (file name) for the page.

The spam completely stopped. Of course, the nice part was that with Freeway, it was crazy easy to do and I didn’t have to worry about all the inbound links needing to be changed.


freewaytalk mailing list
email@hidden
Update your subscriptions at:
http://freewaytalk.net/person/options

Great idea. Thanks Joe.


freewaytalk mailing list
email@hidden
Update your subscriptions at:
http://freewaytalk.net/person/options

Just out of curiosity, how do search engines such as Google feel about changing page names. Does it hurt your organic positioning or do they not care?


freewaytalk mailing list
email@hidden
Update your subscriptions at:
http://freewaytalk.net/person/options

Google doesn’t care about the Title tag, but the filename is all-important. If you follow Joe’s advice, and if the page that you follow it on is an important part of your search results (a landing page for Google searchers, more or similarly weighted to your home page) then it will directly impact your results.

In order to preserve your search mojo, you would have to issue a 301 redirect from the old page to the new. But since you’re trying to kill a room-full-of-spammers attack, that’s the very LAST thing you want to do.

So you have a dilemma – do you want to kill the spam or hurt your search results? Now you do have lots more pages than just the contact form page, so your odds are probably in your favor that the Google ranking won’t suffer too much. But since you also have links to your (newly-named) contact form elsewhere in your site, it’s only a matter of time before the spammers return. It’s like trying to keep the squirrels out of your attic.

Walter

On Mar 5, 2012, at 9:40 AM, RavenManiac wrote:

Just out of curiosity, how do search engines such as Google feel about changing page names. Does it hurt your organic positioning or do they not care?


freewaytalk mailing list
email@hidden
Update your subscriptions at:
http://freewaytalk.net/person/options


freewaytalk mailing list
email@hidden
Update your subscriptions at:
http://freewaytalk.net/person/options

Good info. Thanks Walt.

What do you think triggered the spam? Was it the word free? Are there people out there who have nothing better to do than fill out web forms?


freewaytalk mailing list
email@hidden
Update your subscriptions at:
http://freewaytalk.net/person/options

It depends on what sort of content they are entering in your form. A whopping majority of Web servers run in what’s called Name-Based Virtual Domain mode, which means that you are probably sharing the same physical hardware with hundreds or thousands of other sites. Any form input is a crack through which a payload might be added to your site. Once there, that payload might be used to access the databases of all the other sites on the same hardware, which could lead to all sorts of non-trivial identity theft. It doesn’t matter what your server collects on its form, in other words, it matters only that they keep trying the same attack everywhere until they get in somewhere.

Quite a lot of form-spam is simply links to porn or phishing sites, and the room full of people simply hit the comment forms everywhere, pasting in a lot of links. They rely on the fact that most blogs don’t moderate comments, so their input is immediately reflected out to the Web, and the next visitor to the blog will see those links.

But yours is a contact form, and it just sends mail to your client. If your contact form is well written (and the easiForm stuff seems very sound) then these will be stripped out or nullified, and your only issue is inconvenience at having the chaff amongst the wheat. The attack is going nowhere if all it is is link-spam.

Walter

On Mar 5, 2012, at 10:41 AM, RavenManiac wrote:

Good info. Thanks Walt.

What do you think triggered the spam? Was it the word free? Are there people out there who have nothing better to do than fill out web forms?


freewaytalk mailing list
email@hidden
Update your subscriptions at:
http://freewaytalk.net/person/options


freewaytalk mailing list
email@hidden
Update your subscriptions at:
http://freewaytalk.net/person/options

Kelly, as explained in my email to you ‘maybe you didn’t receive it’, there is a difference between Spam and clients you do not want! The example you sent me is not email that looks like Spam, it looks like it is someone requesting the service. If you don’t want to supply the service then you need to handle that another way.

An option that might work is to enter part of the email address domain to block emails from that country, or at least from a domain that would appear to be connected to a particular country.

You could also reply to some of the emails using a temp hotmail address, explain to these people ‘using that address’ that you do not supply the service to their country and then wait and see what replies you get, if that address starts getting spam then you know they are trying to get nothing more than your email address but to be honest, ‘spammers’ generally don’t take the time to type proper names, properly formatted telefhone numbers and supply proper information for the service you are supplying! although the address is Russian it does seem strange that ‘New York’ is selected, hence the hotmail address option to run a test on it.

If your cleint does not want requests from Russian email addresses then setting up an email filter for .ru on the server should stop those emails coming into their account.

HTH

On Mar 5, 2012, at 2:54 PM, RavenManiac wrote:

One of my clients is starting to receive a lot of bogus requests via a free offer form that’s on his website. I designed the form using easiForm, which has a robot spam block, so apparently the form is being filled in by actual people. Nearly all of the requests are coming from Russia. Unfortunately, my client is getting really annoyed and has even requested that we remove the form.

Is there anyway I can block or filter out some of these bogus requests?


freewaytalk mailing list
email@hidden
Update your subscriptions at:
http://freewaytalk.net/person/options


freewaytalk mailing list
email@hidden
Update your subscriptions at:
http://freewaytalk.net/person/options

Thanks Mike. Yes, I did get your email and your suggestions are very much appreciated. I think I posted this thread before I contacted you directly.

BTW, to anyone considering a forms solution, I highly recommend easiForm. Not only is it a great action, but Mike is very responsive. Plus, you’ll be helping a fellow Freeway Pro supporter. :slight_smile:


freewaytalk mailing list
email@hidden
Update your subscriptions at:
http://freewaytalk.net/person/options

I see now, sorry I just got in and am catching up.

On Mar 5, 2012, at 8:15 PM, RavenManiac wrote:

Thanks Mike. Yes, I did get your email and your suggestions are very much appreciated. I think I posted this thread before I contacted you directly.

BTW, to anyone considering a forms solution, I highly recommend easiForm. Not only is it a great action, but Mike is very responsive. Plus, you’ll be helping a fellow Freeway Pro supporter. :slight_smile:


freewaytalk mailing list
email@hidden
Update your subscriptions at:
http://freewaytalk.net/person/options


freewaytalk mailing list
email@hidden
Update your subscriptions at:
http://freewaytalk.net/person/options