Hi there. I'm running a SMS site. people send sms by filling a form from my site and it will be emailed to the specific provider via email. I've been facing robot/script-initiated visits and sending out bulk sms via my web site. How do I block this? Let's say I would limit 50 per person per day, is there any simple php script that can do this?
CPATCHA's could work. And indeed, just count their quota. Would be dead simple if yuo know a bit of php/mysql.
Hi there. May I know what is CPATCHA ? I googled it but couldnt find anything. Yes, I know it's real simple, but I'm not into php/mysql at all. I just know the start tag of php, and I just know how to dump mysql data only. Your help is much appreciated.
Well, I checked that for a moment, and i realised that it was something all of us should know, but not the name itself. But, I'm just reluctant to use it because of not-so-user-friendly. Any simple php way of doing it?
Yes, just add a column to the member table and count how many they've sent. Get a freelancer to do this if you don't know how. For $50 you should be able to get it done.
well, I thought there is some few-liner's of php code that can, lets say block certain IP if the same page is reloaded for X times.
you're right. it isn't user friendly and there are better options. plus, captchas can be broken. I'd do the following: 1) restrict the number of submissions per ip per day 2) ditch captcha, go with a question-based verification. have the questions rotate. make it simple. ie, "the plural version of cat is _____." simple, more user friendly, and harder for robots unless they're targetting your site specifically. even if they are, the rotation thing should help. once a user has answered correctly, you may want to set a cookie (lots of automated scripts don't even accept cookies, by the way-- another way to make things more complicated for them !) so they don't have to answer the question every time.
Yes but bots can come from many IPs. You can indeed count in the database, in a cookie, by IP, in a session. There's many ways.
oh, I didn't even mean counting it via a cookie, though that's a possibility for something else: if your legit users are sending a lot of messages, set a max, and if they want to send more, ask them to upgrade to a premium account for a moderately priced subscription. what I meant by cookies, though, is that many bots fail to act like a regular browser in a lot of ways. they often: don't accept cookies, don't deal with javascript, have trouble with captchas, and have trouble with simple human common sense questions. a great place to look at for how to block bots would be dissecting sites like rapidshare, sendspace, etc. sendspace doesn't even use a captcha. bottom line: there are a lot of options. you need to measure what works best for your user versus what would work best at blocking the bots. only way to know for sure, like always in the internet marketing world, is to test.