[thelist] what's the hole in my contact form anti-spam?
Tony Crockford
tonyc at boldfish.co.uk
Thu Sep 10 02:12:24 CDT 2009
On 10 Sep 2009, at 04:50, Joel Canfield wrote:
>
>
> How? Why? What logic error have I made which is allowing random
> spammers to
> access the back end, sending us trash emails, bypassing my logic?
as Roberto said, the hidden field obviously is sent easily, *but* the
input for your spambot test question isn't even being tested…
and to make that work properly, test for it, and also make the
question random in the form.
so the form posts a series of randomly chosen easily answered
questions, and then check the contant of that form in the processor
against your array of possible answers.
that will make it slightly harder for spammers to send form content to
the processor directly - they won't know which questions you're using
today and which answers are correct….
More information about the thelist
mailing list