Solved

Prevent spammers from abusing post pages

Posted on 2006-12-01
6
169 Views
Last Modified: 2010-04-25
I have a few pages which allow users to upload entries into the database for apartment postings etc. I have seen a few similar sites which have been over run by people posting huge lists of links to porn pages etc. I would like to allow users to post without making them create a user id and password which they would have to use to sign in every time. There are two questions here. First: why do people want to post web links like this and Second: Is there a way to prevent this without creating a user id password feature for all users? Thanks.
0
Comment
Question by:elliottbenzle
6 Comments
 
LVL 30

Accepted Solution

by:
irwinpks earned 500 total points
ID: 18052197
Q1:  They have nothing else better to do
Q2:  A user id/password feature ensures that you will have a valid connection with any user.  It would be prudent for you to implement this kind of authentication.  Generally you will eliminate a great majority of wrong-doers.  Should you NOT want to have your site authenticate, you can infuse a filter system to weed out words that are submitted by users.  The latter is harder to do.
0
 
LVL 4

Author Comment

by:elliottbenzle
ID: 18053966
I've seen boxes where a user has to input a set of random letters and numbers displayed in an image. Is this a good way to prevent spammers and when it is done is the group of letter/numbers in the image random (an new grouping every time) or is it always the same. If it is random then how do I do this? Thanks
0
 
LVL 10

Expert Comment

by:KenAdney
ID: 18055152
My pages usually use ASP so I coded to avoid certain strings.  For instance:

unwantedStrings = Array(".com", ".net", ".org", ".edu", ".info", "http:", "https:", "ftp:")
For Each formElement In Request.form
  formValue = Request.form(formElement)
  For each str in unwantedStrings
    If InStr(formValue, str) > 0 Then
      weHaveTrouble = "yes"
      badString = str
    End If
  Next
Next
If weHaveTrouble = "yes" Then
  Response.write("This is inappropriate. You should not enter <b>'" & badString & "'</b> into the form!")
  Response.end
End if
0
Networking for the Cloud Era

Join Microsoft and Riverbed for a discussion and demonstration of enhancements to SteelConnect:
-One-click orchestration and cloud connectivity in Azure environments
-Tight integration of SD-WAN and WAN optimization capabilities
-Scalability and resiliency equal to a data center

 
LVL 70

Expert Comment

by:Jason C. Levine
ID: 18055645
Hi elliott,

If your form pages are public, sooner or later spammer spiders will index them and automated scripts will start abusing them.  The inputting of the random string from an image is called a CAPTCHA and you can find more info on them here:

http://www.google.com/search?q=asp+CAPTCHA

Basically, a random string is generated and stored in a variable on the server and is then displayed as an image to prevent spiders from reading the text.  The form fails unless the text on the image is entered into a textbox.
0
 
LVL 30

Expert Comment

by:irwinpks
ID: 18055762
I agree with jason1178...Captcha is good if you want random people to add info to your site.

However, consider the use of a member database.  This way, you will be able to maintain an ever growing collection of prospective users. You most certainly can use that list for marketing, promo, or simply pass information to the original poster.
0
 
LVL 30

Expert Comment

by:irwinpks
ID: 18074815
cool. thank you
0

Featured Post

Free Tool: Postgres Monitoring System

A PHP and Perl based system to collect and display usage statistics from PostgreSQL databases.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Dreamweaver - Spell check extension 4 491
can i use dw to modify this site 1 317
CSS Problem With Header Text 4 364
Site contents shift off page in IE 32 131
For those who don't know, Adobe Dreamweaver is a popular commercial web editor that enables you to design, build and manage complex websites. The editor is a WYSIWYG (What You See Is What You Get) web editor, which means that you can create your web…
I still run into .cgi files every now and then. In some instances, I actually prefer the simplicity of a .cgi script to other options. Since I use DreamWeaver extensively, what I needed was a way to open .cgi scripts in Dreamweaver. And I wanted to …
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…

828 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question