Re: Request.Form abuse
- From: "Juan T. Llibre" <nomailreplies@xxxxxxxxxxx>
- Date: Sun, 22 Oct 2006 08:04:57 -0400
re:
There are no fields within the <form> tag of the page that's being hit - only text and
hyperlinks...
They aren't hitting that form.
They're hitting your PostComment User Control : PostComment.ascx
Adding Captcha code to that control should get rid of that problem.
Juan T. Llibre, asp.net MVP
asp.net faq : http://asp.net.do/faq/
foros de asp.net, en español : http://asp.net.do/foros/
===================================
"Mark Rae" <mark@xxxxxxxxxxxxxxxxx> wrote in message news:%237JaSjb9GHA.4084@xxxxxxxxxxxxxxxxxxxxxxx
"Göran Andersson" <guffa@xxxxxxxxx> wrote in message news:OKDhDVZ9GHA.3736@xxxxxxxxxxxxxxxxxxxxxxx
Yes, that is common. If you have a form on a public web site, it will frequently be hit by script
robots that try to send spam mails or add spam into guestbooks and such.
So it seems...
:: Give the fields non-descriptive names, like "e28736482634" instead of "email". That makes it
harder for the spam script to determine the use of the fields, thus easier for you to filter out
the attempts.
There are no fields within the <form> tag of the page that's being hit - only text and
hyperlinks...
:: Spam messages often try to put links on your page, hoping that you don't html-encode the data
before displaying it, or that you have a special tag for links. Look for "<a href=" or "[url=" in
the messages.
There are loads of those - see my OP.
.
- Follow-Ups:
- Re: Request.Form abuse
- From: Mark Rae
- Re: Request.Form abuse
- References:
- Re: Request.Form abuse
- From: Mark Rae
- Re: Request.Form abuse
- Prev by Date: Re: Is IIS of windows xp safe?
- Next by Date: Re: Request.Form abuse
- Previous by thread: Re: Request.Form abuse
- Next by thread: Re: Request.Form abuse
- Index(es):
Relevant Pages
|
