[ic] A spam trap for "contact us" pages
Gert van der Spoel
ic at 3edge.com
Sat Oct 29 14:39:49 EDT 2005
Kevin Walsh writes:
> I thought I'd share a handy tip here, for anyone who has some sort
> of "contact us" page on their website.
>
> Put this on the page that shows your "contact us" form:
>
> [set post_allowed]1[/set]
>
> Put this at the top of your form catcher page (mv_nextpage):
>
> [if !scratch post_allowed]
> [bounce page="spam_trap"]
> [/if]
>
> With the above in place, nobody can create a script to emulate the
> form and automatically post junk unless (1) the script first makes
> a visit to the actual form, and (2) makes use of the session ID in
> their subsequent visit to your mv_nextpage. Ordinary users will not
> be affected by this at all.
>
> The "spam_trap" page should send something incriminating to an abuse
> log. For instance, you should log the scumbag's IP address, the
> message text and the content of all of the other fields prompted for
> by your form. A short message in the error.log file is also a good
> idea.
Useful stuff Kevin! I'll be using it in my contact page :)
CU,
Gert
More information about the interchange-users
mailing list