Problems, need help? Have a tip or advice? Post it here.
7 posts Page 1 of 1
I recently launched a new CouchCMS based site on a GoDaddy server. I have taken all of the usual spam prevention measures ( requiring approval, setting interval, renaming index.php ) but my client is receiving repeated "Feedback from your site" emails with no content. The messages are being sent consecutively, many per minute.

Any guidance on how to solve this situation is greatly appreciated.

Attachments

Hi,
I have taken all of the usual spam prevention measures ( requiring approval, setting interval, renaming index.php )

The spam prevention methods you mentioned are actually meant for the 'comments' that people can attach to individual posts.

What you are seeing is the abuse of the contact form which is just a regular FORM and we'll need to put in spam protection ourselves.

You'll find some ery effective methods of dealing with spam in this thread:
viewtopic.php?f=8&t=7047

I suggest you use both the 'Q & A' as well as the 'stopforumspam' methods. I'm sure this will help cut the spam considerably.

As an aside, I noticed that you are getting 'blank' submissions. Have you not set the 'required' parameter to '1' for the message box?
That makes sense. I added the question asking about the color of the sky and that seems to stop the abuse. This might serve as a good warning to others new to the system. The form was abused in a very short amount of time.

The interval setting did not seem to act as a preventative measure - unless I misunderstood the purpose.

Thanks for the speedy reply.
I'm glad it helped. Quite clearly it was a bot attack.
To protect the form from human spammers, I'll strongly suggest that you deploy the 'stopforumspam' method as well.

Assuming (as explained in the mentioned post) that you've downloaded and added the script using kfunctions.php, you'll simply need to add the following line to the existing code of your form (where 'name' and 'email' are supposed to be the names of the input fields):
Code: Select all
<cms:stop_spam frm_name frm_email />

The code will now become:
Code: Select all
<cms:if k_success >   
    <cms:stop_spam frm_name frm_email />
   
    <p id='mail_success' class='success' style="display:block">Thank you. I'll get back to you as soon as possible.</p>

    <cms:send_mail from=frm_email to=k_email_to subject='Feedback from your site'>
        The following is an email sent by a visitor to your site:
        <cms:show k_success />
    </cms:send_mail>
</cms:if>

You mentioned:
The interval setting did not seem to act as a preventative measure - unless I misunderstood the purpose.

I replied to this in my first response that these measures are for the 'comments' feature - which is a separate entity altogether from the form that you are using for the contact page.
My client just got 30 more emails. I have removed the form from the content page. Any ideas of how to block a bot attack and not human spammers?
I was wondering if you could get me FTP access to the site, please?
I removed the form and added the standard GoDaddy form mailer script and it solved the problem. Due to privacy concerns I am unable to supply access to the server.

Best
7 posts Page 1 of 1
cron