SitePoint Sponsor

User Tag List

Results 1 to 25 of 57

Threaded View

  1. #1
    SitePoint Addict bimalpoudel's Avatar
    Join Date
    Feb 2009
    Kathmandu, Nepal
    0 Post(s)
    0 Thread(s)

    Securing forms without CAPTCHA

    I want to keep the forms short, without the CAPTCHA. And, with some tricks, like checking server headers, I was able to control the spammers.

    Now a days, I find that spammers are researching my sites. Through several attempts, they have now specialized in cracking the systems. For example, the team at 213(.)5(.)71(.)86 is dedicated to crack my sites. I just don't like to black list their IP because, some day, it could be a legitimate user. And it is not possible to add all spammers IPs in the blacklist.

    I would like to discuss here some advanced ways to protect the pages without CAPTCHA and pick your ideas to come up with a really strong method.

    My latest model was using js/css/php/html for this.

    • pre-populate the "email" element with some dummy email address. Use a different name to collect the real email address.
    • Hide the element with css.
    • Using a javascript to remove it once the page is loaded.
    • Checking back if $_POST['email'] has some contents.
    • Checking Headers back (This was broken)

    I am safe at the moment now.

    If not they can break this automatically through their crawlers, I am sure any of the spammers team will be researching to crack my websites - because they know - if they are successful in doing so, they can send hundreds of emails within my networks, for free.

    I would like to know your ways.
    Last edited by bimalpoudel; Jul 12, 2010 at 11:42. Reason: info on spammer's crawlers added
    Bimal Poudel @ Sanjaal Framework over Smarty Template Engine

    Hire for coding support - PHP/MySQL


Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts