I have recently added a couple of forms to my website to gather names for a mailing list. This has worked well, but recently I have been plagued by nonsense applications to join. None of the names or e-mail address make sense. Obviously done by some malicious programme. How can I stop this?
freewaytalk mailing list
email@hidden
Update your subscriptions at:
http://freewaytalk.net/person/options
Hi Rattie
Probably the best method is using something like a captcha system.
What it does is force someone to read a distorted code and then copy that code into a required field. if this isn’t done exactly the form isn’t submitted.
There are a couple of ways to add this, though probably the easiest is using an ation from here:
http://easibase.com/freeway/
though there are others around
kindest regards max
freewaytalk mailing list
email@hidden
Update your subscriptions at:
http://freewaytalk.net/person/options
Just out of interest won’t the Form Validate Action do the job here Max? I used it, although not for this reason, and it requires the user to check a box first or the form won’t go. I used EasiCaptcha on a site but I hit problems and Mike B very kindly finished the job for me as the instructions didn’t work for me.
freewaytalk mailing list
email@hidden
Update your subscriptions at:
http://freewaytalk.net/person/options
One thing to consider in this process is that many of the spam-bots don’t run JavaScript, so if you use a validating mechanism (like the Softpress Actions) that use JS to check the form, then they will never run, and your form will submit, spam and all.
This can work to your benefit, as you can use JS to inject your form into the page, and the bots won’t know it’s there at all.
Walter
freewaytalk mailing list
email@hidden
Update your subscriptions at:
http://freewaytalk.net/person/options
If the form is being used by a human then a CAPTCHA will not stop a
spam problem (spam sent to recipient), fortunately you can use the Bad
words filter in PHP easiForm to handle that side and set it up to stop
the * Human * spam sender from using the form for sending the
recipient spam email (the action blocks the user from sending to
others). These people look for forms to send the form recipient spam
that contains URL’s of their goods, they do this using http://someurl
and [url]someurl etc. so… selecting the [url option from the
‘Badwords’ menu and then you can use the badwords ‘other…’ field to
add anything else. I have had the above problem and the method I
mention stops them dead… so I guess when they find they cannot use
the form to send their URL’s they move on.
Now on saying all of this, when I do forms I use both my preferred
CAPTCHA type which is a Math type CAPTCHA (PHP easiCaptcha action)
along with my PHP easiForm actions suite and so I find I do not have a
problem with bots or humans using the form for spam. You need to be
aware that not everyone wants to stop people from sending them URL’s
in forms so for that reason you will need to select the ‘Advanced’
option if using the PHP easiForm actions, then configure the badwords
side yourself to suite your needs, it is simple and straightforward to
do but the way you do this would depend on what type of emails you
actually class as spam.
I find that many people do not really understand what they need to do
to stop spam and get very confused, there are different types of spam,
some that can be sent to the recipient, some that the spammer tries to
send to multiple addresses, spam sent by bots, spam sent by humans,
spam sent from a web form and spam sent by a computer based (or server
based) program that cannot be stopped no matter what you do on your
web form as they are not connected.
Note the PHP easiForm actions try to avoid a web based form user get
your email address that is used in the form, for example if a
confirmation is used the PHP easiForm actions give you the option of
making the confirmation look like it is sent from the email address
the actual form user enters (in other words his own), some servers do
not permit this but if they do they you can set easiForm to do this
and then just add the URL of your web form to use as the email address
in the confirmation footer, now the sender does not get access to the
recipients email and for them to send you an email they must go to the
web form page to send one… until you reply to any email received of
course, then they have a copy of the email from your own email sent by
you, but at least you can decide those contact emails that look
genuine and those that don’t and are probably just used to try and get
an email address to add to their spam email list.
HTH
On May 26, 2009, at 12:34 PM, Kryten wrote:
Just out of interest won’t the Form Validate Action do the job here
Max? I used it, although not for this reason, and it requires the
user to check a box first or the form won’t go. I used EasiCaptcha
on a site but I hit problems and Mike B very kindly finished the job
for me as the instructions didn’t work for me.
freewaytalk mailing list
email@hidden
Update your subscriptions at:
http://freewaytalk.net/person/options
freewaytalk mailing list
email@hidden
Update your subscriptions at:
http://freewaytalk.net/person/options