I added another filter today... I have always checked all form submissions for the bad keywords but I noticed that many of the attacks seem to start with them entering 1 or -1 as the first and or last name. Probably too lazy to put more keystrokes in when they are setting up the script. So now if a 1 or -1 is entered in any field that has the word "name" within the field name, they get added to my list of banned IP addresses and if they go to any page on any of the websites I run, they get an error page that looks like the website is down
Anyone else seeing a lot of form submissions with -1 or 1 as the name? At 08:48 AM 2/16/2013, you wrote: >What would be an appropriate length of time for a session variable >for a hacker who's doing what you described: > >"If they read in the form page and then submit it using a script for >many days without re-reading the original form it will appear to the >server that they took days to fill." > >Would the same hold true for session session variables? ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Order the Adobe Coldfusion Anthology now! http://www.amazon.com/Adobe-Coldfusion-Anthology/dp/1430272155/?tag=houseoffusion Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:354556 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/groups/cf-talk/unsubscribe.cfm