On Fri, 2012-10-12 at 01:59 +0200, Maciek Sokolewicz wrote: > On 11-10-2012 22:18, Ashley Sheridan wrote: > >>> I've been getting spam comments on my personal blog (runs on > >>> self-written PHP blog software). I'd like to test some methods I've > >>> devised to prevent or block it. Does anyone know of a very > >> lightweight > >>> framework for simulating an automated "form fill-out" on a site? > >>> Something where you could just add some code to designate the site > >> for > >>> the "attack" and then what fields you wanted to send? > >>> > >>> This should be a relatively simple task for PHP and curl, but I'm not > >>> really familiar with the headers and that part of the HTTP > >> conversation. > >>> Yes, I know this is a risky question for a public list. Feel free to > >>> contact me privately if you think the answer shouldn't be in the > >>> archives of a public list. Likewise, if you can point me to a source > >> of > >>> quickly absorbable research on the subject. I frankly don't know how > >> I'd > >>> google such a thing. > >>> > >>> Paul > >>> > >>> -- > >>> Paul M. Foster > >>> http://noferblatz.com > >>> http://quillandmouse.com > >>> > >>> -- > >>> PHP General Mailing List (http://www.php.net/) > >>> To unsubscribe, visit: http://www.php.net/unsub.php > >>> > > > > To avoid having to create your own anti-spam system, I recommend Akismet, which weights posts allowing you to set a rejection threshold. The great thing is that it is constantly improving over time. > > > I've recently looked into the more modern captcha systems. I personally > can't stand the "standard" captcha of having to decipher what characters > are present on a distorted image. The last few years I've noticed that > more and more often I can't decipher what an image is supposed to say. > And after a few tries of unsuccesful replying what the image says, I > just give up. This seems to be a reverse-Turing-test by now. Computers > being able to guess better than humans. > > Anyway, I wrote my own captcha system. I've noticed that simple things > like "what is the capital of the USA?" and then being able to choose > "Hong-Kong, Washington or Rome" or a question like "Is water wet or > dry?" work very very well. Just make up a bunch of these, and then > randomly pick one to have people answer on your blog. It completely > stopped registration spam on my forum. Simply because bots don't > understand such questions. > > - Tul There's a slight irony that this message got posted to the list 5 times, given the topic :p -- Thanks, Ash http://www.ashleysheridan.co.uk
