[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Spam resistent guestbook ?

El lun, 25-09-2006 a las 20:01 -0400, Marty Landman escribió:
> At 07:54 PM 9/25/2006, Craig Sanders wrote:
> >3. randomise the name of the main input field, and have it change every
> >day (or every few hours). e.g. instead of hard-coding the field name,
> >have the CGI script fetch the current name of the field from a text
> >file. the script can then generate the form with the random field name
> >AND know which field name to get the user-submitted post from.
> Hey that's a clever one Craig. I'm the author of some simple OS web 
> apps including a guestbook and spam is a #(*&%# pita. But I like this.
> Hmm, if I was a hacker jerk maybe I'd make the posting positional and 
> then disregard field name entirely. Of course you could also 
> randomize the sequence of the fields, but spammers don't even care 
> about format, they just want search engines to index their crapola afaik.


* Randomize the normal input fields. Or to set abnormal names.

* Set normal names (name, email, comment, etc. etc) to HIDDEN form

* if you receive the form with these hidden fields set, then the user is
a robot.

explorer@aprosi.net                              Administrador
Asesora y Proveedora de Servicios de Internet.      Aprosi.Net

Reply to: