1. Advertising
    y u no do it?

    Advertising (learn more)

    Advertise virtually anything here, with CPM banner ads, CPM email ads and CPC contextual links. You can target relevant areas of the site and show ads based on geographical location of the user if you wish.

    Starts at just $1 per CPM or $0.10 per CPC.

Getting Spam attacks on asp form on web site will pay for solution

Discussion in 'C#' started by phealey, Oct 4, 2006.

  1. #1
    phealey, Oct 4, 2006 IP
    SEMrush
  2. ludwig

    ludwig Notable Member

    Messages:
    2,253
    Likes Received:
    66
    Best Answers:
    0
    Trophy Points:
    225
    #2
    put something like many site have, with an image that generates automatically and the user must type it by hand
     
    ludwig, Oct 4, 2006 IP
  3. phealey

    phealey Well-Known Member

    Messages:
    186
    Likes Received:
    3
    Best Answers:
    0
    Trophy Points:
    138
    #3
    I have that and its not stopping the spam maybe it is not installed properly can some one help and check this out
    HELP ME
     
    phealey, Oct 4, 2006 IP
  4. ludwig

    ludwig Notable Member

    Messages:
    2,253
    Likes Received:
    66
    Best Answers:
    0
    Trophy Points:
    225
    #4
    if you can send me the ASP code I can go over it

    beside that may be done by hand also
    so you can't STOP it
     
    ludwig, Oct 4, 2006 IP
  5. ludwig

    ludwig Notable Member

    Messages:
    2,253
    Likes Received:
    66
    Best Answers:
    0
    Trophy Points:
    225
    #5
    ludwig, Oct 4, 2006 IP
  6. Free Born John

    Free Born John Guest

    Messages:
    111
    Likes Received:
    4
    Best Answers:
    0
    Trophy Points:
    0
    #6
    it might be worth checking your log files to identify the program. It may well be a badly written spider or some malfunctioning web filtering software. In either case, contacting the bot owners can often get it stopped.
     
    Free Born John, Oct 4, 2006 IP
  7. phealey

    phealey Well-Known Member

    Messages:
    186
    Likes Received:
    3
    Best Answers:
    0
    Trophy Points:
    138
    #7
    No its not a freindly bot its all links to porno site bing placed on my forms

    Thanks for the advice though

    Paul
     
    phealey, Oct 5, 2006 IP
  8. ludwig

    ludwig Notable Member

    Messages:
    2,253
    Likes Received:
    66
    Best Answers:
    0
    Trophy Points:
    225
    #8
    change the url for contacts page, see if it continues, maybe if its a bot and it visits and doesn't find contactus.asp or franchise.asp it'll stop untill next time they add the new url.

    If it does not stop, then people do it by hand :(
     
    ludwig, Oct 5, 2006 IP
  9. Free Born John

    Free Born John Guest

    Messages:
    111
    Likes Received:
    4
    Best Answers:
    0
    Trophy Points:
    0
    #9
    do they all come from the same IP address? If so you can block that in your global.asa(x) , or even ask your ISP to block it in the firewall.
     
    Free Born John, Oct 5, 2006 IP
  10. phealey

    phealey Well-Known Member

    Messages:
    186
    Likes Received:
    3
    Best Answers:
    0
    Trophy Points:
    138
    #10
    Thanks for advice but we have tried that as well

    H E L P >>>>>
     
    phealey, Oct 5, 2006 IP
  11. Free Born John

    Free Born John Guest

    Messages:
    111
    Likes Received:
    4
    Best Answers:
    0
    Trophy Points:
    0
    #11
    I don't get this. Are you saying these are coming from different IP addresses? That would be a ddos attack and who would want, or have the ability to do that to you. How about some more detail.

    How many postings, what's the frequency between them, what are the IP addresses, who do they resolve back to. Are all the postings the same or different.

    Can you post or PM me a logfile and the asp code and I'll have a look later tonight if I get chance.
     
    Free Born John, Oct 5, 2006 IP
  12. Free Born John

    Free Born John Guest

    Messages:
    111
    Likes Received:
    4
    Best Answers:
    0
    Trophy Points:
    0
    #12
    seems like a wind-up to me
     
    Free Born John, Oct 5, 2006 IP
  13. matt-

    matt- Peon

    Messages:
    233
    Likes Received:
    7
    Best Answers:
    0
    Trophy Points:
    0
    #13
    I just check for certain crap in the message, such as 'content-type', 'mime-version' etc and email addresses in telephone number fields etc.. I always get the ones that try to exploit the form to BCC emails. Can be validated quite easy if its these kind of submissions you're getting, without having to trouble your users with captcha's.
     
    matt-, Oct 5, 2006 IP
  14. ccoonen

    ccoonen Well-Known Member

    Messages:
    1,607
    Likes Received:
    71
    Best Answers:
    0
    Trophy Points:
    160
    #14
    yup - check for mail headers, and if it detects them - send the contact form to a different email account. - but ONLY AFTER you strip the Email headers! otherwise they can still hijack your form.
     
    ccoonen, Oct 5, 2006 IP
  15. matt-

    matt- Peon

    Messages:
    233
    Likes Received:
    7
    Best Answers:
    0
    Trophy Points:
    0
    #15
    Yeah I just put up an error message and don't send the email at all if it fails the validations.
     
    matt-, Oct 5, 2006 IP
  16. surfnearnzone

    surfnearnzone Well-Known Member

    Messages:
    1,494
    Likes Received:
    62
    Best Answers:
    0
    Trophy Points:
    165
    #16
    The solution is right here. look down :) I have not done it after someone told to me but i learnt it accidently. I used to get 100 - 200 hits a day with this kind of attacks but now they are almost nil.

    And one more thing i m not just suggesting but telling you that it works somehow. It was infact worse. I used to get it from a range of ip and when i reversed looked it up i could'nt find a link to my website so its so much more of a headache.


    Your captcha thing is software readable. The thing which people must type in a box to post the message and i think it's of no use to your website. Get it recoded by someone.

     
    surfnearnzone, Oct 9, 2006 IP
  17. phealey

    phealey Well-Known Member

    Messages:
    186
    Likes Received:
    3
    Best Answers:
    0
    Trophy Points:
    138
    #17
    Hi John

    This is not a wind up I am have a serious problem with this issue-

    I have just returned from a few days away so here is my response to your questions
    Firstly I am not a programmer I am a webmaster & business owner

    1/ The image capture is what my programmer firstly advised. It isn’t working why? Is it poorly installed? Or the wrong type?

    2/ My programmer recommend some more code that would stop repeated attatccks from the same ip address , again It isn’t working why? Is it poorly installed? Or the wrong type?

    3/ A few months ago a member on this site installed some code it worked but was unreliable ( and was php ) which apparently doesn’t mix well with asp

    4/ Also another member has been try to fix it for a few days again so far with no luck.

    In answer to your specific questions I get about I message a hour inserting html in my message field to a porno site please screen shots below

    What I need is programmer to advise and implement the modifications or reinstall.

    I have screen prints of the issue i can email to anyone i will and attatch to this post
    Thanks paul
     
    phealey, Oct 11, 2006 IP
  18. phealey

    phealey Well-Known Member

    Messages:
    186
    Likes Received:
    3
    Best Answers:
    0
    Trophy Points:
    138
    #18
    Screen print file to large so have cut and pasted spam entry


    Name : Eugenia Ted

    Address :

    Phone Number :

    Email :

    Franchise : Surrey & S.W. London 0845 094 2262

    Message
    <a href="http://amber-cumfiesta-pics.sheehanumberto.com/cumfiesta-avena-pics/girls-cum-cumfiesta-naked-messy.htm"> girls cum cumfiesta naked messy </a> <a href="http://amber-cumfiesta-pics.sheehanumberto.com/cumfiesta-avena-pics/mpeg-movie-clips-cumfiesta.htm"> mpeg movie clips cumfiesta </a> <a href="http://amber-cumfiesta-pics.sheehanumberto.com/cumfiesta-avena-pics/kim-cumfiesta.htm"> kim cumfiesta </a> <a href="http://amber-cumfiesta-pics.sheehanumberto.com/cumfiesta-avena-pics/cumfiesta-larissa.htm"> cumfiesta larissa </a> <a href="http://amber-cumfiesta-pics.sheehanumberto.com/cumfiesta-avena-pics/cumfiesta--chat.htm"> cumfiesta chat </a> <a href="http://amber-cumfiesta-pics.sheehanumberto.com/cumfiesta-avena-pics/cassie-young-cumfiesta.htm"> cassie young cumfiesta </a> <a href="http://amber-cumfiesta-pics.sheehanumberto.com/cumfiesta-avena-pics/cumfiesta-jesika.htm"> cumfiesta jesika </a> <a href="http://amber-cumfiesta-pics.sheehanumberto.com/cumfiesta-avena-pics/cumfiesta-hailey.htm"> cumfiesta hailey </a> <a href="http://amber-cumfiesta-pics.sheehanumberto.com/cumfiesta-avena-pics/cumfiesta-nadine.htm"> cumfiesta nadine </a> <a href="http://amber-cumfiesta-pics.sheehanumberto.com/cumfiesta-avena-pics/cumfiesta-vanessa.htm"> cumfiesta vanessa </a>
     
    phealey, Oct 11, 2006 IP
  19. Free Born John

    Free Born John Guest

    Messages:
    111
    Likes Received:
    4
    Best Answers:
    0
    Trophy Points:
    0
    #19
    hi,

    my apologies for suggesting it was a wind-up, clearly it's not.

    If you could post/pm a logfile that would be a huge help. Blocking by IP would still seem to be the answer. But without a logfile you can't know which IP it's coming from or whether it's changing for each post.

    An interim solution would be to clean the input in the message box before storing it in the database/posting it on. That way at least you won't get any unpleasant links in the posting. You could also include the IP in the post to easily see where they're coming from and then block that.

    regards FBJ
     
    Free Born John, Oct 11, 2006 IP
    ludwig likes this.
  20. phealey

    phealey Well-Known Member

    Messages:
    186
    Likes Received:
    3
    Best Answers:
    0
    Trophy Points:
    138
    #20
    Many thanks to member Free Born John , he has resolved my problems

    Its great to have members like this on this forum
    Cheers
     
    phealey, Oct 13, 2006 IP