Yesterday the contact forms on my design site were spammed 30 times in the space of half an hour. *Tears hair out* For now, I've put up NL-PHPMail which I've been updating for CG but apprently the captcha still doesn't stop the spammers. Grrrr. I don't know how to use the PHP GD libraries to make complicated images, but if anyone else can then feel free to tell me how...
The stupid thing is that all 30 of these spams only contained a random American city in the URL field. There were no comments whatsoever, no links, no advertising enlargement/medical products, nothing. All there was (apart from a random name and email address that seemed to end in either Green, Miller or Scott) was the city. So I get all these forms filling up my inbox and all they say is "Boston", "NY", "Miami" and other similar cities... Is that pointless or what? There wasn't even any point to it since they weren't trying to sell me a product or increase their Google pagerank or anything. Gah.
Right so I'm back "home" (at my parents') for a week. Rather bored. Got yet another attempt at The Driving Test on Monday, not confident about it but we'll see how it goes.
Oh further to my last post on IE7, I discovered that apart from its CSS being slightly more advanced, it's still as rubbish as IE6 - it still doesn't display <acronym> tags properly and has a huge amount of other errors that I can't be bothered to mention. Oh but it has tabbed browsing and RSS subscription functionality! *Gasp* Wow! /sarcasm
I can see it now - all the n00bs will get confused and say "lyke omg I prefered IE6!!!1" - I know a few people who've already said that to me, haha.
Edit: It's not stopping! Even though I changed the forms and everything - the spam continues! Turns out I'm having to delete the form from the server completely. Dammit. I had renamed it in the hope of being able to work on it later, but apparently that's not good enough. Now I'm getting a ton of 404 error reports on my site for spammers looking for any sort of form script to abuse. They haven't found NL-PHPMail yet though. I hope the image verification will be enough to keep them away from it.
The amount of email spam I get is absolutely ridiculous. I don't need form spam making it worse, thanks.
valerie
5/02/2006 at 15:33
Hmmm.... I don't get it either. This is weird. I installed one the other day but it's a new site, so we'll have to see what happens there... :|
Amanda
15/02/2006 at 5:38
Good luck on your driving exam. The comment you left me in the LJ makes me understand the system a bit better.
I'm sorry you're having problems with spam. I know you've worked hard on updating the script. I found out, by logging the random image text in the email message, that spammers were bypassing the image thing alltogether. I don't know how that's even possible, considering how the script was done. Adding a random hash to the form action is keeping them away, for now, at least.
Amelie
15/02/2006 at 14:31
*Sigh* I thought it was probably something like that. I think what they're doing is getting the session name and value and then just telling the script that the value is correct regardless of whether they entered it or not. >:( This is annoying me so much, if they're bypassing it altogether then it doesn't matter how complicated the image is, they'll always get round it. Spam/spammers suck.