I have a honeypot in there already, another reason I think it is human spam and not da bot. Gary "Bastien Koert" <phpster@xxxxxxxxx> wrote in message news:d7b6cab70910201337v5c18284aya022f48e139437b1@xxxxxxxxxxxxxxxxx > On Tue, Oct 20, 2009 at 4:12 PM, Ashley Sheridan > <ash@xxxxxxxxxxxxxxxxxxxx> wrote: >> On Tue, 2009-10-20 at 21:01 +0200, John Black wrote: >> >>> Gary wrote: >>> > I believe they are human spammers as all the input fields are >>> > correctly >>> > filled out (phone in phone, address in address etc). >>> > As I said they are mostly the same IP. >>> > Would it be better to include this script in the processing script >>> > rather >>> > than at the top of the page? >>> >>> >>> If it is fixed list of IPs you could add them to the .htaccess file like >>> this: >>> >>> order allow,deny >>> deny from xxx.xxx.xxx.xxx >>> allow from all >>> >>> This way it is handled by your webserver and you don't need to run a >>> script on every page. >>> >>> Keep in mind that a lot of comment spam is sent out from infected >>> machines. So if the IPs belong to a big ISP it is possible to block a >>> lot of users if you block the proxy. >>> Check the IPs via Arin to be sure >>> http://ws.arin.net/whois/ >>> I have noticed that a blocked spammer will sometimes reconnect from a >>> totally different IP and resubmit the same information. >>> >>> Regarding the properly filled out forms, spam bots are pretty good about >>> placing valid data into the correct fields, some are better then others. >>> >>> -- >>> John >>> >> >> >> I'd go with this method if you can, as it will take quite a load off of >> your servers. However, try not to be too liberal with it, as it may end >> up preventing genuine access if the spammers are coming from dynamic IP >> addresses. >> >> Thanks, >> Ash >> http://www.ashleysheridan.co.uk >> >> >> > > Add a hidden field that should not hold a value. Spam bots will try to > fill all fields with that value, so if there is one send back a 404 > message to the bot and dump the record > > -- > > Bastien > > Cat, the other other white meat > > __________ Information from ESET Smart Security, version of virus > signature database 4527 (20091020) __________ > > The message was checked by ESET Smart Security. > > http://www.eset.com > > > __________ Information from ESET Smart Security, version of virus signature database 4527 (20091020) __________ The message was checked by ESET Smart Security. http://www.eset.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
