Solved

Prevent spammers from abusing post pages

Posted on 2006-12-01
6
166 Views
Last Modified: 2010-04-25
I have a few pages which allow users to upload entries into the database for apartment postings etc. I have seen a few similar sites which have been over run by people posting huge lists of links to porn pages etc. I would like to allow users to post without making them create a user id and password which they would have to use to sign in every time. There are two questions here. First: why do people want to post web links like this and Second: Is there a way to prevent this without creating a user id password feature for all users? Thanks.
0
Comment
Question by:elliottbenzle
6 Comments
 
LVL 30

Accepted Solution

by:
irwinpks earned 500 total points
ID: 18052197
Q1:  They have nothing else better to do
Q2:  A user id/password feature ensures that you will have a valid connection with any user.  It would be prudent for you to implement this kind of authentication.  Generally you will eliminate a great majority of wrong-doers.  Should you NOT want to have your site authenticate, you can infuse a filter system to weed out words that are submitted by users.  The latter is harder to do.
0
 
LVL 4

Author Comment

by:elliottbenzle
ID: 18053966
I've seen boxes where a user has to input a set of random letters and numbers displayed in an image. Is this a good way to prevent spammers and when it is done is the group of letter/numbers in the image random (an new grouping every time) or is it always the same. If it is random then how do I do this? Thanks
0
 
LVL 10

Expert Comment

by:KenAdney
ID: 18055152
My pages usually use ASP so I coded to avoid certain strings.  For instance:

unwantedStrings = Array(".com", ".net", ".org", ".edu", ".info", "http:", "https:", "ftp:")
For Each formElement In Request.form
  formValue = Request.form(formElement)
  For each str in unwantedStrings
    If InStr(formValue, str) > 0 Then
      weHaveTrouble = "yes"
      badString = str
    End If
  Next
Next
If weHaveTrouble = "yes" Then
  Response.write("This is inappropriate. You should not enter <b>'" & badString & "'</b> into the form!")
  Response.end
End if
0
How to improve team productivity

Quip adds documents, spreadsheets, and tasklists to your Slack experience
- Elevate ideas to Quip docs
- Share Quip docs in Slack
- Get notified of changes to your docs
- Available on iOS/Android/Desktop/Web
- Online/Offline

 
LVL 70

Expert Comment

by:Jason C. Levine
ID: 18055645
Hi elliott,

If your form pages are public, sooner or later spammer spiders will index them and automated scripts will start abusing them.  The inputting of the random string from an image is called a CAPTCHA and you can find more info on them here:

http://www.google.com/search?q=asp+CAPTCHA

Basically, a random string is generated and stored in a variable on the server and is then displayed as an image to prevent spiders from reading the text.  The form fails unless the text on the image is entered into a textbox.
0
 
LVL 30

Expert Comment

by:irwinpks
ID: 18055762
I agree with jason1178...Captcha is good if you want random people to add info to your site.

However, consider the use of a member database.  This way, you will be able to maintain an ever growing collection of prospective users. You most certainly can use that list for marketing, promo, or simply pass information to the original poster.
0
 
LVL 30

Expert Comment

by:irwinpks
ID: 18074815
cool. thank you
0

Featured Post

What Is Threat Intelligence?

Threat intelligence is often discussed, but rarely understood. Starting with a precise definition, along with clear business goals, is essential.

Join & Write a Comment

For those who don't know, Adobe Dreamweaver is a popular commercial web editor that enables you to design, build and manage complex websites. The editor is a WYSIWYG (What You See Is What You Get) web editor, which means that you can create your web…
I still run into .cgi files every now and then. In some instances, I actually prefer the simplicity of a .cgi script to other options. Since I use DreamWeaver extensively, what I needed was a way to open .cgi scripts in Dreamweaver. And I wanted to …
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…
This video demonstrates how to create an example email signature rule for a department in a company using CodeTwo Exchange Rules. The signature will be inserted beneath users' latest emails in conversations and will be displayed in users' Sent Items…

705 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

18 Experts available now in Live!

Get 1:1 Help Now