I believe they are human spammers as all the input fields are correctly filled out (phone in phone, address in address etc). As I said they are mostly the same IP. Would it be better to include this script in the processing script rather than at the top of the page? Gary "Ashley Sheridan" <ash@xxxxxxxxxxxxxxxxxxxx> wrote in message news:1256063819.2359.4.camel@xxxxxxxxxxxx > On Tue, 2009-10-20 at 14:31 -0400, Gary wrote: > >> I have several sites that are getting hit with form spam. I have the >> script >> set up to capture the IP address so I know from where they come. I found >> a >> short script that is supposed to stop these IP addresses from accessing >> the >> form page, it redirects the spammer to another page (I was going to >> redirect >> to a page that has lots of pop-ups, scantily clad men and offers of joy >> beyond imagination), but someone suggested I redirect to the Federal >> Trade >> Commission or perhpas the FBI. >> >> Any thoughts on the script and its effectivness? >> >> <?php >> $deny = array("111.111.111", "222.222.222", "333.333.333"); >> if (in_array ($_SERVER['REMOTE_ADDR'], $deny)) { >> header("location: http://www.google.com/";); >> exit(); >> } ?>Gary >> >> >> >> __________ Information from ESET Smart Security, version of virus >> signature database 4526 (20091020) __________ >> >> The message was checked by ESET Smart Security. >> >> http://www.eset.com >> >> >> >> >> > > > A few things immediately spring to mind: > > How are you being hit? Is it through an automated process (bot) on your > form, or a real person? > If you are being hit from bots, is it from a zombie network or a few > machines? > > If you are being hit by bots from a zombie, then this solution won't > work well, as the list of IP addresses you'll have will be huge, and > will potentially include many of your real visitors who didn't realise > their computer was not their own any more. > > If you are being hit by bots that are not part of a botnet, then > redirecting them to another page is essentially fruitless, as the bots > really don't care. > > If you are being hit by humans, then are the IP addresses always going > to relate to those same persons, or are they part of a dynamic range > that and ISP serves out amongst all of its customers? > > Thanks, > Ash > http://www.ashleysheridan.co.uk > > > > > > __________ Information from ESET Smart Security, version of virus > signature database 4526 (20091020) __________ > > The message was checked by ESET Smart Security. > > http://www.eset.com > > __________ Information from ESET Smart Security, version of virus signature database 4526 (20091020) __________ The message was checked by ESET Smart Security. http://www.eset.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
