Results 1 to 5 of 5

Thread: Form Spam

  1. #1
    Join Date
    Oct 2013
    North Georgia

    Form Spam

    Hey Guys,

    I'm here to seek the help of some experts.

    I have been receiving spam through one of my websites contact form. I can't understand why this person is spamming me, as they never include a link to their page, just a name, and a fake/random email address. The form emails the contents anyways, so it would never post to my website even if they were.

    Here are the steps I have taken:
    Manually reviewed IP address, and blocked all from spammer. They get a new IP within minutes. All different states and different ISPs.
    Reviewed and blocked common referrer's. This has rendered pointless as they have a new referrer with each submission.
    Set CloudFlare to the highest security setting possible.
    Inserted a manual blacklist blocking common fake email domains they were using (123.com, gov.com, abc.com, etc.)
    Changed internal CAPTCHA to ReCAPTHCA.
    Using "hidden field" spam prevention.
    Used HTAccess to block most proxy services. Again, pointless.

    There are no patterns to the submissions. Fake names, and fake emails, along with new referrers, new IPs, new User-Agents. It's making me go insane.

    All of my checks are done client side, and checked again server side in the event javascript is disabled.

    For the life of me, I cannot figure out how to block this person, or understand why they are spamming me to begin with. I thought maybe it was referrer spam, but my logs are not accessible, and the referrer's site can also be generic, like Yahoo. The only reason I can tell it is the same person, is because the volume, and the fact that the names always have a middle initial, and the emails are always capitalized the same way "FirstMLast@Somedomain.com".

    I manage over 300 sites, similar in product and audience and all using the same form code, and this is the only site experiencing this issue.

    It started out as annoying, but now it has become problematic, as my sales staff is having to filter through dozens of these a day, to find out that they are not legitimate request.


    Any help/insight would be greatly appreciated.

  2. #2
    Join Date
    Oct 2013
    North Georgia
    Any experts out there?


  3. #3
    Join Date
    Nov 2006
    Springfield, MO
    Has to be related to your form. Reads like a spam bot, that just keeps hitting your site. Which leads me to believe your CAPTCHA isn't working properly, as that should stop it. I don't use CAPTCHA's because I find them problematic from an accessibility stand point. I'd double check to make sure all server-side code is executing properly. If all sites implement the same functionality and just one site is causing problems, there's something amiss in that code base.
    Ryan Butler

    Ryan Butler.org

  4. #4
    Join Date
    Oct 2013
    North Georgia
    Hey Ryan,

    Thank you for your reply.

    I have looked into this further since your reply, and everything is executing identically. The coding is also the same as the other forms without any breaks or vulnerabilities.

    It could be manual entry, but I don't understand the reason. As I said, the contents of this form are never printed publicly, only emails to the sales manager.

    It makes no sense. Referrer spam is the only thing I can think, but as mentioned, my logs are private.


  5. #5
    Join Date
    Nov 2013
    That technique might work, but it might block people you don't want to block.

    I've figured out a better way. It stops form spammers in their tracks on every site I have put it on. And it is all free. Just visit this page to see what the form spammers will see; then look at the details on the 'info' page.

    All free, open source. And it works. I suspect it will be copied, but don't care. Here's where to start: http://formspammertrap.com . There's not even advertising on that site, and I don't capture your contact info.


Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
HTML5 Development Center



X vBulletin 4.2.2 Debug Information

  • Page Generation 0.08816 seconds
  • Memory Usage 2,883KB
  • Queries Executed 15 (?)
More Information
Template Usage (32):
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_global_above_footer
  • (1)ad_global_below_navbar
  • (1)ad_global_header1
  • (1)ad_global_header2
  • (1)ad_navbar_below
  • (1)ad_showthread_firstpost_sig
  • (1)ad_showthread_firstpost_start
  • (1)ad_thread_first_post_content
  • (1)ad_thread_last_post_content
  • (1)footer
  • (1)forumjump
  • (1)forumrules
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (1)headinclude_bottom
  • (5)memberaction_dropdown
  • (1)navbar
  • (4)navbar_link
  • (1)navbar_moderation
  • (1)navbar_noticebit
  • (1)navbar_tabs
  • (2)option
  • (5)postbit
  • (5)postbit_onlinestatus
  • (5)postbit_wrapper
  • (1)spacer_close
  • (1)spacer_open
  • (1)tagbit_wrapper 

Phrase Groups Available (6):
  • global
  • inlinemod
  • postbit
  • posting
  • reputationlevel
  • showthread
Included Files (26):
  • ./showthread.php
  • ./global.php
  • ./includes/class_bootstrap.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/functions_navigation.php
  • ./includes/class_friendly_url.php
  • ./includes/class_hook.php
  • ./includes/class_bootstrap_framework.php
  • ./vb/vb.php
  • ./vb/phrase.php
  • ./includes/functions_facebook.php
  • ./includes/functions_calendar.php
  • ./includes/functions_bigthree.php
  • ./includes/class_postbit.php
  • ./includes/class_bbcode.php
  • ./includes/functions_reputation.php
  • ./includes/functions_notice.php
  • ./packages/vbattach/attach.php
  • ./vb/types.php
  • ./vb/cache.php
  • ./vb/cache/db.php
  • ./vb/cache/observer/db.php
  • ./vb/cache/observer.php 

Hooks Called (72):
  • init_startup
  • friendlyurl_resolve_class
  • init_startup_session_setup_start
  • database_pre_fetch_array
  • database_post_fetch_array
  • init_startup_session_setup_complete
  • global_bootstrap_init_start
  • global_bootstrap_init_complete
  • cache_permissions
  • fetch_postinfo_query
  • fetch_postinfo
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • load_show_variables
  • load_forum_show_variables
  • global_state_check
  • global_bootstrap_complete
  • global_start
  • style_fetch
  • global_setup_complete
  • showthread_start
  • showthread_getinfo
  • strip_bbcode
  • friendlyurl_clean_fragment
  • friendlyurl_geturl
  • forumjump
  • cache_templates
  • cache_templates_process
  • template_register_var
  • template_render_output
  • fetch_template_start
  • fetch_template_complete
  • parse_templates
  • fetch_musername
  • notices_check_start
  • notices_noticebit
  • process_templates_complete
  • friendlyurl_redirect_canonical
  • showthread_post_start
  • showthread_query_postids
  • showthread_query
  • bbcode_fetch_tags
  • bbcode_create
  • showthread_postbit_create
  • postbit_factory
  • postbit_display_start
  • postbit_imicons
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • postbit_display_complete
  • memberaction_dropdown
  • tag_fetchbit_complete
  • forumrules
  • navbits
  • navbits_complete
  • build_navigation_data
  • build_navigation_array
  • check_navigation_permission
  • process_navigation_links_start
  • process_navigation_links_complete
  • set_navigation_menu_element
  • build_navigation_menudata
  • build_navigation_listdata
  • build_navigation_list
  • set_navigation_tab_main
  • set_navigation_tab_fallback
  • navigation_tab_complete
  • fb_like_button
  • showthread_complete
  • page_templates