how to handle MCAfee Secure Spam Attack (TESTER) on site?

Posted on 2008-11-09
Last Modified: 2013-12-13
hi guys i am running a site
but when Mcafee runs on the site for testing purpose it spams and send alters to administrator(my client) i am a php developer plz guide me how to handle it.
currently i am using a registration based on 3 steps( he doesn't like capache)
1- on step A i use to set session A='some value'
2- on step B i check if it exists or not if not then send back to 1st step
3- same with this step but set empty session after data insertion in the database.
please guide me if there is any other way?
Question by:naeembhatti
    LVL 50

    Accepted Solution

    Your system only mandates that registrations follow pageA->pageB->pageC.  Granted, McAfee is hired to do this to your site, but it could just as easily be a spam-bot.  In order to prevent these kinds of false registrations, you will need to provide for some type of CAPTCHA device.

    As far as just making McAfee not scan that particular page, you should be able to exempt it through your control panel at McAfee's site.  I used them when they were still ScanAlert, and they made it very easy to remove a single page from the scan pattern.  Contact McAfee for more help with this aspect.

    Author Comment

    thanks routinet for your reply, i just need to know what funciton mcafee do for it?
    how he will able to post spam bot to over submit forms?
    can u give me link or detail
    and also my client doesn't want capache, what to do now?
    LVL 50

    Assisted Solution

    by:Steve Bink
    If your client does not want a CAPTCHA, there's not a lot he can do to secure his form submissions.  Anything you provide to the user can be automated just as easily with a bot script.  The only way to tell human from script is to give it a question only a human can understand.

    As far as getting McAfee to behave, you'll have to talk to them.  I know ScanAlert had a way to exempt specific pages through their control panel.  I have no idea how that system has changed now that McAfee has rebranded them.  Talk to their support; I'm sure they will be able to tell you how to accomplish this.

    Featured Post

    How to improve team productivity

    Quip adds documents, spreadsheets, and tasklists to your Slack experience
    - Elevate ideas to Quip docs
    - Share Quip docs in Slack
    - Get notified of changes to your docs
    - Available on iOS/Android/Desktop/Web
    - Online/Offline

    Join & Write a Comment

    Email attacks are the most efficient and effective way for cyber criminals and hackers to compromise a computer or network. We often find our-self second guessing the authenticity of an email message, for such instances we can follow practical princ…
    Don’t let your business fall victim to the coming apocalypse – use our Survival Guide for the Fax Apocalypse to identify the risks and signs of zombie fax activities at your business.
    The viewer will learn how to count occurrences of each item in an array.
    The viewer will learn how to create a basic form using some HTML5 and PHP for later processing. Set up your basic HTML file. Open your form tag and set the method and action attributes.: (CODE) Set up your first few inputs one for the name and …

    729 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    18 Experts available now in Live!

    Get 1:1 Help Now