I have a spammer attacking my ASP contact forms on my website. They're just a really basic ASP form using CDO. My host suggested that I redesign the forms to not allow more than a specified number of submissions per IP address. Does anyone know how to do that? Or have a better suggestion?
About IPs, you need to keep track of each IP address in a DB and let them use the form lets say once per day. For other ways of getting rid of them try reading this post: http://forums.digitalpoint.com/showthread.php?t=125253
depending on your software and forms, you might also think about incorporating an image captcha into your form. google "captcha" or even search on here for it and you'll find alot of ways this is used - but i've seen it work effectively many times not only on my own personal sites but on some sites that i have designed or maintained for other people. This is only effective if you've got spammers that are spamming your site programmatically, however. If you've got spammers that are going in and manually submitting your forms, then you're SOL as far as captcha's being of any benefit whatsoever. If this is the case, IP restrictions might come in handy, that is, if they're hitting it from the same IP repeatedly, which I have found, nowadays, they're not. Nowadays, they're running a script, spoofing their IP, hitting your forms over and over with different IP addresses each time... in which case an image captcha is your best bet. HTH vg
You should also check and see if the CAPTCHA has a counter to block x number of wrong submitted CAPTCHA inputs. And have a redirect to set to take them to a diffrent page when it is reached.