[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 175
  • Last Modified:

Prevent spammers from abusing post pages

I have a few pages which allow users to upload entries into the database for apartment postings etc. I have seen a few similar sites which have been over run by people posting huge lists of links to porn pages etc. I would like to allow users to post without making them create a user id and password which they would have to use to sign in every time. There are two questions here. First: why do people want to post web links like this and Second: Is there a way to prevent this without creating a user id password feature for all users? Thanks.
0
elliottbenzle
Asked:
elliottbenzle
1 Solution
 
Irwin SantosComputer Integration SpecialistCommented:
Q1:  They have nothing else better to do
Q2:  A user id/password feature ensures that you will have a valid connection with any user.  It would be prudent for you to implement this kind of authentication.  Generally you will eliminate a great majority of wrong-doers.  Should you NOT want to have your site authenticate, you can infuse a filter system to weed out words that are submitted by users.  The latter is harder to do.
0
 
elliottbenzleAuthor Commented:
I've seen boxes where a user has to input a set of random letters and numbers displayed in an image. Is this a good way to prevent spammers and when it is done is the group of letter/numbers in the image random (an new grouping every time) or is it always the same. If it is random then how do I do this? Thanks
0
 
KenAdneyCommented:
My pages usually use ASP so I coded to avoid certain strings.  For instance:

unwantedStrings = Array(".com", ".net", ".org", ".edu", ".info", "http:", "https:", "ftp:")
For Each formElement In Request.form
  formValue = Request.form(formElement)
  For each str in unwantedStrings
    If InStr(formValue, str) > 0 Then
      weHaveTrouble = "yes"
      badString = str
    End If
  Next
Next
If weHaveTrouble = "yes" Then
  Response.write("This is inappropriate. You should not enter <b>'" & badString & "'</b> into the form!")
  Response.end
End if
0
Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

 
Jason C. LevineNo oneCommented:
Hi elliott,

If your form pages are public, sooner or later spammer spiders will index them and automated scripts will start abusing them.  The inputting of the random string from an image is called a CAPTCHA and you can find more info on them here:

http://www.google.com/search?q=asp+CAPTCHA

Basically, a random string is generated and stored in a variable on the server and is then displayed as an image to prevent spiders from reading the text.  The form fails unless the text on the image is entered into a textbox.
0
 
Irwin SantosComputer Integration SpecialistCommented:
I agree with jason1178...Captcha is good if you want random people to add info to your site.

However, consider the use of a member database.  This way, you will be able to maintain an ever growing collection of prospective users. You most certainly can use that list for marketing, promo, or simply pass information to the original poster.
0
 
Irwin SantosComputer Integration SpecialistCommented:
cool. thank you
0

Featured Post

Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now