Ticket #247 (new task)

Opened 12 years ago

Last modified 11 years ago

Fix Modsecurity - Comment Spamming required shutdown of anonymous ticket creation

Reported by: kmaclean Owned by: kmaclean
Priority: major Milestone: WebSite 0.2.1
Component: Web Site Version: Website 0.2
Keywords: Cc:

Description (last modified by kmaclean) (diff)

Comment Spamming required shutdown of anonymous ticket creation/updates and wiki creation/updates

Change History

comment:1 Changed 12 years ago by kmaclean

  • Description modified (diff)

comment:2 Changed 12 years ago by kmaclean

Preventing spam on your website without using captcha

  1. Add an input field to your form, with some interesting name, for example ‘SPAM’.
      <input name="SPAM" type="text" value=""/>
  1. Hide the input box using css so that users(genuine) cannot see it directly.

     <style>
      .invisible {
        display: none;
      }
      </style>
      <p class="invisible"><input name="SPAM" type="text" value=""/></p>
  1. While processing the form check if the “url” contains any value. If it does, reject the post or put it for moderation.

   if (strlen(trim($_POST['url'])) > 0){
      //It is a spam, reject this post here
      }
  1. works because geniune users cannot see a hidden input box on your form and therefore, they won’t fill it, while robots can.

comment:3 Changed 11 years ago by kmaclean

see Ticket #315

Note: See TracTickets for help on using tickets.