Well, as I said, the answer to this (as it is for a lot of things on the web) is not one but a combination of tactics.
The ban ip thing might not be the bees knees for this but it sure helps with the kind of thing i THOUGHT he was describing. I've been able to almost eliminate spam entries from my gurestbook/contact us forms (ok i havent almost eliminated , lets say dramatically reduced then) across my sites. On one client's site for example, their guestook was choking to death with thousands of entries all spam, and now it's fewer than 5-6 spam entries a month. I have a database of 9600 or so ip addresses that i wont accept input from on any of my sites. As time goes on it gets more and more effective. Anyway, whatever solves the Michael's problem I feel sure is going to be a combination of things, not just the one. Cheers Mike Kear Windsor, NSW, Australia Adobe Certified Advanced ColdFusion Developer AFP Webworks http://afpwebworks.com ColdFusion 8 Ent, PHP 4 and 5, ASP, ASP.NET hosting from AUD$15/month On Thu, Aug 7, 2008 at 9:20 PM, Dave Watts <[EMAIL PROTECTED]> wrote: >> I konw you havent described a SQL injection ... > > No, that's exactly what he described. The attack appends JavaScript to > character fields. And, unfortunately, blocking specific IP addresses won't > get you very far here, because it's a random, automated attack run from > compromised hosts in a botnet, I think. > > Dave Watts, CTO, Fig Leaf Software > http://www.figleaf.com/ > > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Adobe® ColdFusion® 8 software 8 is the most important and dramatic release to date Get the Free Trial http://ad.doubleclick.net/clk;203748912;27390454;j Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:310342 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4
