1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

some bastard keeps spamming my contact us page

Discussion in 'Black Hat SEO' started by Bartman, Nov 23, 2011.

  1. Bartman

    Bartman Power Member

    Joined:
    Apr 24, 2010
    Messages:
    569
    Likes Received:
    131
    i have a contactus.html page and every day i keep receiving a message from someone saying "we can increase your website's rankings.."

    I dont want to install captcha because that would require me to change contactus.html to contactus.php , which wouldnt be a problem as long as 301 redirect, except that i have to find/replace contactus.html to contactus.php on hundreds of pages.

    I have tried introducing a math question (what is 3+1) but I am still receiving these messages.

    what can i do to stop receiving them? what are they using to do this? scrapebox cannot solve these math questions, can it?
     
  2. LongBanana

    LongBanana Regular Member

    Joined:
    Oct 23, 2009
    Messages:
    411
    Likes Received:
    247
    Location:
    Chicago, IL
    Well, captcha is the best way to go. But, you can just blacklist the email that is spamming you. Do you have them input an email?
     
  3. Crazy

    Crazy Jr. Executive VIP

    Joined:
    Jun 13, 2009
    Messages:
    640
    Likes Received:
    319
    Occupation:
    VB, C#, XHTML, CSS, PHP, MySQL, JavaScript, jQuery
    Location:
    Everywhere
    Since you're still using HTML, I assume you're using JavaScript to validate the answer to the equation? Perhaps your validation isn't working properly.
     
  4. tencentpiece

    tencentpiece Junior Member

    Joined:
    Nov 12, 2010
    Messages:
    110
    Likes Received:
    48
    You can just 301 the contactus.html page to contactus.php and that way you don't have to manually change all of the files.
     
    • Thanks Thanks x 1
  5. Bartman

    Bartman Power Member

    Joined:
    Apr 24, 2010
    Messages:
    569
    Likes Received:
    131
    yes, how do i blacklist it in php?

    here is the contact us script that i am using:
    Code:
    http://www.freecontactform.com/email_form.php
    and here is the code that i added for the math question, i know very little php.
    Code:
     if ($answer != 4) { $error_message .='sorry, you did not enter the security code correctly.'; } 
    
    
    by the way, i have also been meaning to ask this, how do i disallow html in the body of message?
     
  6. sfidirectory

    sfidirectory Senior Member

    Joined:
    Mar 29, 2010
    Messages:
    899
    Likes Received:
    483
    Occupation:
    Web developer/BTC enthusiast
    Location:
    php artisan make:migration
    Home Page:
    You could find out their I.P address and use .htaccess to ban them from visiting? But they are probably smart like alot of people are on here and visit each site while rotating proxies at the same time, so maybe a captcha might be a good idea (but even that can be easily negotiated around). I am banning over 10,000 problematic user agents and I.P addresses from visiting my sites, each one of them uses up a small amount of bandwidth and 10 visits might not use hardly any bandwidth but multiply that by over 100k and your web host provider might have problems with your site...
     
  7. Crazy

    Crazy Jr. Executive VIP

    Joined:
    Jun 13, 2009
    Messages:
    640
    Likes Received:
    319
    Occupation:
    VB, C#, XHTML, CSS, PHP, MySQL, JavaScript, jQuery
    Location:
    Everywhere
    Sorry I'm confused, I thought you wanted to keep the file extension as .html and not .php
     
  8. purewealthinc

    purewealthinc Regular Member

    Joined:
    May 3, 2010
    Messages:
    427
    Likes Received:
    383
    Occupation:
    Web Fishing
    Location:
    World Wide Web City
    I got the same situation.. i added a captcha plugin and they stopped spamming my contact page now, they're not a good spmmer because their spm sent to my contact page not in new post
     
  9. sfidirectory

    sfidirectory Senior Member

    Joined:
    Mar 29, 2010
    Messages:
    899
    Likes Received:
    483
    Occupation:
    Web developer/BTC enthusiast
    Location:
    php artisan make:migration
    Home Page:
    I think you are able to do regular expressions in .htacess files that redirect all incoming requests for .html files to their same-named .php counterparts...?
     
  10. Bartman

    Bartman Power Member

    Joined:
    Apr 24, 2010
    Messages:
    569
    Likes Received:
    131
    the page is in html, the script that emails the message is in php
     
  11. gianni

    gianni Junior Member

    Joined:
    Jul 8, 2010
    Messages:
    172
    Likes Received:
    80
    Why are some people like you incapable of using google?
    Seriously, in what world is it more optimal to make a forum post on blackhatworld and wait hours or even days for reply opposed to googling it and finding the solution IN SECONDS?

    http://lmgtfy.com/?q=redirect+html+to+php+htaccess
    First hit: http://css-tricks.com/377-how-to-redirect-indexhtml-to-indexphp/

    Code:
    rewriteengine on
    RewriteRule ^contactus\.htm$ contactus.php [NC,R]


    Also for future references:
    http://justfuckinggoogleit.com/
    It will save you a lot of time and trouble.



    p.s. You can make .html files executable, then they'll act just like php.
    I don't suggest doing it because it poses a potential security risk, but if you need to...

    Open .htaccess.
    Put this line inside
    Code:
    AddType application/x-httpd-php .html
     
    Last edited: Nov 23, 2011
  12. Crazy

    Crazy Jr. Executive VIP

    Joined:
    Jun 13, 2009
    Messages:
    640
    Likes Received:
    319
    Occupation:
    VB, C#, XHTML, CSS, PHP, MySQL, JavaScript, jQuery
    Location:
    Everywhere
    Perhaps because you have the answer hard coded and it's not random?

    A simple JavaScript solution for a random equation each page load would be something like this...

    Code:
    <html>
        <head>
            <script type="text/javascript">
                function validate(addend_a, addend_b)
                {
                    if(document.getElementById("answer").value != (addend_a + addend_b))
                    {
                        document.getElementById("error").innerHTML = "Incorrect. Please try again.";
                        setTimeout("document.getElementById(\"error\").innerHTML = \"\";", 500);
                        return false;
                    }
                    else
                    {
                        return true;
                    }
                }
                
                function generate_problem()
                {
                    var val_a = Math.floor(Math.random()*4) + 1
                    var val_b = Math.floor(Math.random()*4) + 1
                    document.getElementById("equation").innerHTML = val_a + " + " + val_b + " = <input type=\"text\" id=\"answer\" value=\"\" /> <span id=\"error\"></span><br /><br /><input type=\"submit\" value=\"Submit\" onClick=\"javascript:return validate(" + val_a + "," + val_b + "); \" />";
                }
            </script>
        </head>
        <body>
            <form name="contact" action="submit.php" method="POST">
                Email: <input type="text" name="email" value="" /><br />
                Message: <input type="test" name="message" value="" /><br />
                Are you human? Solve the equation correctly.<br />
                <span id="equation"></span>
                <script>generate_problem();</script>
            </form>
        </body>
    </html>
     
  13. itzcorky

    itzcorky Junior Member

    Joined:
    Nov 1, 2011
    Messages:
    140
    Likes Received:
    67
    Occupation:
    Being a Boss
    There is a very simple way to go about this. Just blacklist their IP from your host. I had someone back in the day doing this to me every single hour and it was annoying so I changed the submit button to redirect to a blue waffle picture lol.
     
  14. BHopkins

    BHopkins Moderator Staff Member Moderator Jr. VIP

    Joined:
    Dec 31, 2010
    Messages:
    2,311
    Likes Received:
    1,387
    Gender:
    Male
    Occupation:
    ORM and SEO company owner
    Location:
    California
    Home Page:
    Just set up a filter in gmail. It takes 2 minutes.
     
    • Thanks Thanks x 1
  15. jascoken

    jascoken Senior Member

    Joined:
    Nov 1, 2010
    Messages:
    1,135
    Likes Received:
    751
    Gender:
    Male
    Occupation:
    IT/Web Systems & Development...
    Location:
    Sussex:UK
    You can get creative on your anti-spam questions and use words instead of numbers for maths questions, and translate them in PHP, or ask human 'understanding' questions which most BOTs would find impossible to calculate; Like 'Traffic lights are red, yellow and ...'

    If all else fails, use email filtering. I have several networks of sites that I used to get loads of spam emails a day from - same SEO rankings crap as you. They all came to CPanel email accounts, so I just setup some user-level filtering in cPanel for 5 common phrases that appeared. All gone now! It doesn't stop the root of the problem, but it's quick and easy.