Dear Jon, cheers for your lines ... Am Montag 28 August 2006 02:31 schrieb Jon Anderson: > Guestbook spam (and comment spam) is something I'd like to try to > eliminate altogether myself. I don't think there are any > one-size-fits all solutions out there yet for detection/elimination. > I'd personally like to hear any effective solutions people have found > in PHP to combat this stuff. My approach here is to make a fuzzy decision if an entry is shown by default or needs a further check by myself before being published. > > In reference to the detection part; In my case, 95%+ of the spam > entries have links that contain one of about 5 words (casino, pharm, > drug, stock, or invest), so I could eliminate most spam by > automatically trashing all entries that contains a link with one of > those key words. I don't know if you're lucky enough to have spammers > as predictable as mine, so that may not be an effective solution for > anyone but me. Okay, these words occur also very often - but not exclusively - I could regards occurances of those words an criteria. > > In terms of destroying URLs, what happens when a real guest wants to > put a URL in their entry? Seems to me that you might be > overshooting... Well, my application is not exactly a Guestbook, and the field in question is not meant to display any URLs. There is a separate field to state an URL that is not displayed by default. > > You might be better off finding some way of preventing the data from > even entering the system, for example, a captcha type system. They > have accessibility problems, but I've read about solutions that use > simple JavaScript to automatically enter the captcha code into the > correct field and hide the captcha and the field so that the whole > process is transparent to the user (including users with screen > readers), whereas if JS is disabled, the captcha is shown and the > code must be entered. This is based on the assumption that current > spam robots that don't incorporate a JavaScript execution engine. Not > sure how effective it is, but it's an interesting idea. You are speaking of those skewed letters one has to retype before the action is taken? I'd like to see some code for it - however in my case I have the impression that it is real persons who enter the spam. Can I, by the way, collect the IP of the visitor in a PHP form? You might have realized: I am an absolute beginner with PHP. > > Anyone want to share some spam-fighting success stories? Yes, pleaze ;) Regards Ralf -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
