On 11-10-2012 22:18, Ashley Sheridan wrote:
I've been getting spam comments on my personal blog (runs on
self-written PHP blog software). I'd like to test some methods I've
devised to prevent or block it. Does anyone know of a very
lightweight
framework for simulating an automated "form fill-out" on a site?
Something where you could just add some code to designate the site
for
the "attack" and then what fields you wanted to send?
This should be a relatively simple task for PHP and curl, but I'm not
really familiar with the headers and that part of the HTTP
conversation.
Yes, I know this is a risky question for a public list. Feel free to
contact me privately if you think the answer shouldn't be in the
archives of a public list. Likewise, if you can point me to a source
of
quickly absorbable research on the subject. I frankly don't know how
I'd
google such a thing.
Paul
--
Paul M. Foster
http://noferblatz.com
http://quillandmouse.com
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
To avoid having to create your own anti-spam system, I recommend Akismet, which
weights posts allowing you to set a rejection threshold. The great thing is
that it is constantly improving over time.
I've recently looked into the more modern captcha systems. I personally
can't stand the "standard" captcha of having to decipher what characters
are present on a distorted image. The last few years I've noticed that
more and more often I can't decipher what an image is supposed to say.
And after a few tries of unsuccesful replying what the image says, I
just give up. This seems to be a reverse-Turing-test by now. Computers
being able to guess better than humans.
Anyway, I wrote my own captcha system. I've noticed that simple things
like "what is the capital of the USA?" and then being able to choose
"Hong-Kong, Washington or Rome" or a question like "Is water wet or
dry?" work very very well. Just make up a bunch of these, and then
randomly pick one to have people answer on your blog. It completely
stopped registration spam on my forum. Simply because bots don't
understand such questions.
- Tul
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
