some bastard keeps spamming my contact us page

Bartman

Power Member
Joined
Apr 24, 2010
Messages
569
Reaction score
131
i have a contactus.html page and every day i keep receiving a message from someone saying "we can increase your website's rankings.."

I dont want to install captcha because that would require me to change contactus.html to contactus.php , which wouldnt be a problem as long as 301 redirect, except that i have to find/replace contactus.html to contactus.php on hundreds of pages.

I have tried introducing a math question (what is 3+1) but I am still receiving these messages.

what can i do to stop receiving them? what are they using to do this? scrapebox cannot solve these math questions, can it?
 
Well, captcha is the best way to go. But, you can just blacklist the email that is spamming you. Do you have them input an email?
 
Since you're still using HTML, I assume you're using JavaScript to validate the answer to the equation? Perhaps your validation isn't working properly.
 
You can just 301 the contactus.html page to contactus.php and that way you don't have to manually change all of the files.
 
Well, captcha is the best way to go. But, you can just blacklist the email that is spamming you. Do you have them input an email?

yes, how do i blacklist it in php?

here is the contact us script that i am using:
Code:
http://www.freecontactform.com/email_form.php
and here is the code that i added for the math question, i know very little php.
Code:
 if ($answer != 4) { $error_message .='sorry, you did not enter the security code correctly.'; }
by the way, i have also been meaning to ask this, how do i disallow html in the body of message?
 
You could find out their I.P address and use .htaccess to ban them from visiting? But they are probably smart like alot of people are on here and visit each site while rotating proxies at the same time, so maybe a captcha might be a good idea (but even that can be easily negotiated around). I am banning over 10,000 problematic user agents and I.P addresses from visiting my sites, each one of them uses up a small amount of bandwidth and 10 visits might not use hardly any bandwidth but multiply that by over 100k and your web host provider might have problems with your site...
 
and here is the code that i added for the math question, i know very little php.
Code:
 if ($answer != 4) { $error_message .='sorry, you did not enter the security code correctly.'; }
by the way, i have also been meaning to ask this, how do i disallow html in the body of message?

Sorry I'm confused, I thought you wanted to keep the file extension as .html and not .php
 
I got the same situation.. i added a captcha plugin and they stopped spamming my contact page now, they're not a good spmmer because their spm sent to my contact page not in new post
 
You can just 301 the contactus.html page to contactus.php and that way you don't have to manually change all of the files.

I think you are able to do regular expressions in .htacess files that redirect all incoming requests for .html files to their same-named .php counterparts...?
 
Sorry I'm confused, I thought you wanted to keep the file extension as .html and not .php
the page is in html, the script that emails the message is in php
 
Why are some people like you incapable of using google?
Seriously, in what world is it more optimal to make a forum post on blackhatworld and wait hours or even days for reply opposed to googling it and finding the solution IN SECONDS?

http://lmgtfy.com/?q=redirect+html+to+php+htaccess
First hit: http://css-tricks.com/377-how-to-redirect-indexhtml-to-indexphp/

.htaccess ReWrite

Just add this rule to the .htaccess file and the redirect will happen server-side real quick and easy like.
Code:
rewriteengine on
RewriteRule ^contactus\.htm$ contactus.php [NC,R]



Also for future references:
http://justfuckinggoogleit.com/
It will save you a lot of time and trouble.



p.s. You can make .html files executable, then they'll act just like php.
I don't suggest doing it because it poses a potential security risk, but if you need to...

Open .htaccess.
Put this line inside
Code:
AddType application/x-httpd-php .html
 
Last edited:
Perhaps because you have the answer hard coded and it's not random?

A simple JavaScript solution for a random equation each page load would be something like this...

Code:
<html>
    <head>
        <script type="text/javascript">
            function validate(addend_a, addend_b)
            {
                if(document.getElementById("answer").value != (addend_a + addend_b))
                {
                    document.getElementById("error").innerHTML = "Incorrect. Please try again.";
                    setTimeout("document.getElementById(\"error\").innerHTML = \"\";", 500);
                    return false;
                }
                else
                {
                    return true;
                }
            }
            
            function generate_problem()
            {
                var val_a = Math.floor(Math.random()*4) + 1
                var val_b = Math.floor(Math.random()*4) + 1
                document.getElementById("equation").innerHTML = val_a + " + " + val_b + " = <input type=\"text\" id=\"answer\" value=\"\" /> <span id=\"error\"></span><br /><br /><input type=\"submit\" value=\"Submit\" onClick=\"javascript:return validate(" + val_a + "," + val_b + "); \" />";
            }
        </script>
    </head>
    <body>
        <form name="contact" action="submit.php" method="POST">
            Email: <input type="text" name="email" value="" /><br />
            Message: <input type="test" name="message" value="" /><br />
            Are you human? Solve the equation correctly.<br />
            <span id="equation"></span>
            <script>generate_problem();</script>
        </form>
    </body>
</html>
 
i have a contactus.html page and every day i keep receiving a message from someone saying "we can increase your website's rankings.."

I dont want to install captcha because that would require me to change contactus.html to contactus.php , which wouldnt be a problem as long as 301 redirect, except that i have to find/replace contactus.html to contactus.php on hundreds of pages.

I have tried introducing a math question (what is 3+1) but I am still receiving these messages.

what can i do to stop receiving them? what are they using to do this? scrapebox cannot solve these math questions, can it?

There is a very simple way to go about this. Just blacklist their IP from your host. I had someone back in the day doing this to me every single hour and it was annoying so I changed the submit button to redirect to a blue waffle picture lol.
 
You can get creative on your anti-spam questions and use words instead of numbers for maths questions, and translate them in PHP, or ask human 'understanding' questions which most BOTs would find impossible to calculate; Like 'Traffic lights are red, yellow and ...'

If all else fails, use email filtering. I have several networks of sites that I used to get loads of spam emails a day from - same SEO rankings crap as you. They all came to CPanel email accounts, so I just setup some user-level filtering in cPanel for 5 common phrases that appeared. All gone now! It doesn't stop the root of the problem, but it's quick and easy.
 
Back
Top