Matthias Hertzog wrote:
b) Web-user has to enter a unique number (generated image) in the form
to prove, he's a human being.
Works fine, but you think of the visually impaired. There are captchas
which provide the number also as sound. But I wouldn't use captchas on
business websites, it's to annoying for the users to type in the number.
c) Badword-Filtering in the formmail-script, some reqular expressions
a.s.o.
Often it helps if you give the fields "unsuspicious" names. "meinfeld4"
instead of "recipient" and so on...
I use mod_security [1] with the rules from gotroot.com. mod_security
blocks the spam before the form gets processed. Additionally, it
protects the server from SQL-injection and other attacks.
Greets,
Manuel
[1] http://www.modsecurity.org/
_______________________________________________
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
