If you have already enabled the “Honeypot” anti-spam feature in Send Form, then you may have gotten into the cross-hairs of the “room full of bored people” attack. It is stunningly inexpensive in some parts of the world to purchase this service, where actual people are paid to submit your form, thus circumventing any form of automated spam prevention. This service is done in bulk, on the off-chance that a form will lead to the payload appearing in public, as in blog comments or other “user generated content”.
If you haven’t enabled the honeypot, then do so, it can’t hurt, and it may give you some relief for a while.
Another thing that may give you some temporary relief is to rename (the filename, not the title) your contact form page. This will force the Send Form Action to generate a new form handler with a different filename. Many of the attacks that you can fall prey to are automated, and once the “room full of bored people” have solved your riddle, the solved form is passed off to the robots for further abuse. Changing the filename means that the robots get a 404 when they submit the form, since they won’t actually be visiting the site and filling it out, just injecting their own data into your form handler, having memorized the names of the fields they need to submit. Just this one change will give you maybe months of peace at a time, and then changing it again and again might continue to do the same.
To do this, navigate to your form page in Freeway, and look in the Page Inspector. The first field is the title, and the second field is the filename. Change that to something else, it doesn’t matter at all what, as long as it ends in .html. Throw some numbers and other crap in there. People won’t see that, and the machines that have memorized the old name will have to find the new one by scraping the links off of your other pages. Freeway will update the HTML for all the other pages in your site that have a link to the contact form, so when you next upload, a lot of pages will be updated. That’s why this is a cheap trick for you to try – you don’t have to think about it too much, and Freeway will do all the work.
If your hosting providers had to modify the generated Send Form PHP script, then you will have to figure out what changes they made, and do them again, or your form will stop working. It would be worthwhile to figure out what those were anyway, because you may be able to simply configure the Action so they aren’t needed. My guess is that they wanted you to send the mail with the form contents “from” a legal address on your domain, and the Action already has the ability to do this if you configure it correctly.
But it’s important to realize that this is an asymmetrical war that you really cannot win. You don’t have the resources or the time to fight everyone who wants to attack you this way, and as long as it remains inexpensive yet even a little bit lucrative for the attackers, they will keep doing it.
If you want to have the contact form, as a convenience for your actual visitors, you’re going to have to put up with these weirdos.
Walter
On Aug 2, 2019, at 8:10 AM, John Whittaker email@hidden wrote:
Only indirectly connected with Freeway but I am hoping someone here will have suggestions. For some years I have been using SendForm on two sites, one for my part-time translation business (fairly pointless as my e-mail address is in a professional directory), another for the local church (people tend to use it for requesting christenings, weddings, etc.). Both are hosted on the same server in France. Initially I couldn’t make SendForm work, and the hosting technicians tinkered with the coding to make it work, updating it some years ago to comply with their new SMTP restrictions. E-mail address is required. Over the last couple of months, the church site has had a lot of spam, beginning with links to pornography, suggestions from ladies about what they would do on camera, and moving to pages of text in Chinese or Russian script, sometimes German, but mainly English using scientific/medical vocabulary but making no sense at all. The E-mails have a range of unlikely names, but mainly the suffic .ru . This is becoming problematic with about ten messages an hour. The other site, same server, has had none of this. I have checked the server so far as I can, and nothing has been tampered with (going by the dates and coding). My first inclination is to disable the SendForm for a time. My second is to make all fields required. My third is to look at Captcha options. Any suggestions on the best? Any suggestions as to what else to do?
freewaytalk mailing list
email@hidden
Update your subscriptions at:
Information for existing FreewayTalk / Groups.io users - Site Feedback - Softpress Talk
freewaytalk mailing list
email@hidden
Update your subscriptions at:
https://freewaytalk.softpress.com/person/options