Apr 30 2014

Stop The Guestbook Spam

Posted by domain admin in News

Many know the problem, no one is happy to have the PHP tutorial worked through his confidence and happy that the self-programmed guestbook to work, even this joy is marred by an excessive number of spam messages that refer to more than dubious websites. There are programs called spambots that do nothing all day other than the Internet search for forms, in particular on the lookout for guest books, forums, shout boxes or the like, and try to leave your message there. These spambots are especially pleased about it if they were successful, ie if the advertising also appears real. The problem here turn is that if a spam bot once success had always come to sell his message over and over again. These entries can all be very time consuming to remove manually, so it’s better to take a few precautions.

The most effective precaution, spam messages is not even save. But, as I see one Spam entry? There are different strategy, which I would like to introduce you. 1st No URLs allow As banal as it sounds, this method is so effective. Before her in the PHP script stores the entry, it reviewed by a regular expression, if this contribution contains a URL. If this is the case, you give out an error message that asks the user not to use URLs in his article. One possible if statements may look like this: if echo “Please do not post URLs”; else / / store second review Use hidden fields in your form you invisible fields. This method sounds just funny, but very effective. And use their input fields, preferably with a typical url names such as, homepage, etc., none by their CSS and display:; turns invisible. A regular visitor can see these fields and so should be about there either. A spambot searches your source code just for forms, but it will not parse CSS file to see if possibly an entry is invisible. Therefore, if he submits the form, will be most probably also enter text into these invisible fields.

On the page where you save the entry, you have now just checking if all the invisible fields actually contain no text. If any of these fields but contain text, you have transferred the spambot and does not save the article. 3rd Security Code / Captcha This method is unlike the other two not invisible, and also reduces the comfort of regular visitors. And the visitor before his entry is stored, the number that is represented in an image, a so-called Captcah, typewrite in a box. Only when he types in the correct number, its entry is also stored. The background of this is that machines can be relatively poor grasp of the text images, so it creates a spambot not read the numbers from the image and therefore his record is not saved. You can find these methods also combine with each other, in particular a method and two. Properly applied, they offer you a very good protection against annoying spam messages.

Comments are closed.