kev wood Posted March 10, 2009 Share Posted March 10, 2009 what is the best way to stop bots filling in forms and registering on sites? Quote Link to comment https://forums.phpfreaks.com/topic/148789-solved-stopping-spammers/ Share on other sites More sharing options...
Maq Posted March 10, 2009 Share Posted March 10, 2009 Use CAPTCHA, ask a simple question, use email verification. Look at some other sites registration forms to get some good ideas. Quote Link to comment https://forums.phpfreaks.com/topic/148789-solved-stopping-spammers/#findComment-781285 Share on other sites More sharing options...
kickstart Posted March 10, 2009 Share Posted March 10, 2009 Hi Many ways, but if someone is determined enough they will code for your particular page. Captchas work OK, although some of these can be automatically decoded. You can ask a question which a human can answer and a bot would need to be programmed with. You can save the time the form was sent and reject it is returned too quickly (or too slowly to stop them using a saved copy of the form). You can use variable field names which makes it far harder for the bot to fill in the form. I am sure there are loads more suggestions. Nothing on its own is likely to stop all bots but you can make life more difficult for them. All the best Keith Quote Link to comment https://forums.phpfreaks.com/topic/148789-solved-stopping-spammers/#findComment-781288 Share on other sites More sharing options...
JonnoTheDev Posted March 10, 2009 Share Posted March 10, 2009 You can save the time the form was sent and reject it is returned too quickly (or too slowly to stop them using a saved copy of the form). Won't work. A simple delay would get past this. Bots are cleverer than this and designed to mimic a human. You can use variable field names which makes it far harder for the bot to fill in the form. Bots usually read the form prior to submitting. Field names will be extracted. You can ask a question which a human can answer and a bot would need to be programmed with. Math questions are the easiest to get through. Any other type of questions a real user may not know the answer to also. The best method is recaptcha http://recaptcha.net/ Quote Link to comment https://forums.phpfreaks.com/topic/148789-solved-stopping-spammers/#findComment-781295 Share on other sites More sharing options...
redarrow Posted March 10, 2009 Share Posted March 10, 2009 this is the best one on the net, as it gone throw many hands, to get it right, to prevent spammers from getting in. http://www.querythe.net/Animated-Gif-Captcha/ also i recommend, when a user logs in, use a special number via the database , and get the user to enter it via a drop down . Quote Link to comment https://forums.phpfreaks.com/topic/148789-solved-stopping-spammers/#findComment-781299 Share on other sites More sharing options...
premiso Posted March 10, 2009 Share Posted March 10, 2009 EMail verification may work to thwart bots from making up addresses. But chances are the email they use is sent to a server that can parse that and answer the email. Even if you get bots taken care of, you still have to worry about actual humans spamming, which is near impossible to stop. You have to be active in clearing it out etc. You can setup alerts by keywords etc, but yea. Welcome to the disappointment of Mal-Bot use. Quote Link to comment https://forums.phpfreaks.com/topic/148789-solved-stopping-spammers/#findComment-781301 Share on other sites More sharing options...
redarrow Posted March 10, 2009 Share Posted March 10, 2009 There is a way around it, keep a log on who posting what to who, if the post's continue delete them. welcome to the world off being a web site administrator. Tell you what, Charge new user's a fee to join that diffidently stop it. otherwise don't be lazy and administrate your web site correctly, if it your bread and butter. Quote Link to comment https://forums.phpfreaks.com/topic/148789-solved-stopping-spammers/#findComment-781302 Share on other sites More sharing options...
revraz Posted March 10, 2009 Share Posted March 10, 2009 I personally like the simple question/answer method. Very few bot programmers will keep changing it when you do, so they usually stay away from those types. Quote Link to comment https://forums.phpfreaks.com/topic/148789-solved-stopping-spammers/#findComment-781308 Share on other sites More sharing options...
redarrow Posted March 10, 2009 Share Posted March 10, 2009 There is a beta on the net, where a user is asked a question, where you select the picture to the an saw, not tried it but it exists. you can also get talking capcha where the user has to write in the box what the, audio is saying. comes down to preference again. if you want a good i dear but be a pain to all user's not rely recommended , every time a message is sent get them to hit a link from there email address to confirm the email. if the email is confirmed send the message. Quote Link to comment https://forums.phpfreaks.com/topic/148789-solved-stopping-spammers/#findComment-781311 Share on other sites More sharing options...
kev wood Posted March 10, 2009 Author Share Posted March 10, 2009 the site that i am building may have issues using the captcha animated gif method as people with learning difficulties may use the site also and doing simple arithmetic may not be there strong point. i no this is now sounding almost impossible but i am open to suggestions. Quote Link to comment https://forums.phpfreaks.com/topic/148789-solved-stopping-spammers/#findComment-781313 Share on other sites More sharing options...
redarrow Posted March 10, 2009 Share Posted March 10, 2009 if nothing on this page can an saw your question then sorry i can not suggest any think else my god we have nearly mention everything man. we have also provided you with not just i dears but also links we use in our own projects. what else can i say. Quote Link to comment https://forums.phpfreaks.com/topic/148789-solved-stopping-spammers/#findComment-781315 Share on other sites More sharing options...
kev wood Posted March 10, 2009 Author Share Posted March 10, 2009 no i no there is some great ideas on this page i put that post up while other people had posted i am grateful for the replies on here. just want to make sure der is no stone unturned so i have a full understanding of all the different ways this can be done. when i come to do this i will have to make sure that people who maybe blind, deaf, have learning difficulties, have bad eyesight or anything else you can thing off will be able to register. i am also not stupid and realise that the option i choose will more than likely alienate one group of people but i want to make sure that i have looked into all possible ways of doing this. i am not ignoring what is being posted just want to know more ways of doing this if there is any. Quote Link to comment https://forums.phpfreaks.com/topic/148789-solved-stopping-spammers/#findComment-781320 Share on other sites More sharing options...
redarrow Posted March 10, 2009 Share Posted March 10, 2009 I got one more to add but it a future propsel that i beleve will be standard in years to come. Evrey time a user wants to send a message, on a web site, you send them a text to there mobile phone, The message will be a word that relates to a word that has been set to there id and a database field, when the user enters the word from there mobile phone the message is sent. cost money but guess what does exist. Quote Link to comment https://forums.phpfreaks.com/topic/148789-solved-stopping-spammers/#findComment-781324 Share on other sites More sharing options...
kickstart Posted March 10, 2009 Share Posted March 10, 2009 Won't work. A simple delay would get past this. Bots are cleverer than this and designed to mimic a human. It has worked on one site I use. Probably about half the rejections (I log them) are due to the lack of delay. Bots usually read the form prior to submitting. Field names will be extracted. True, but that makes one more thing that they have to code for when writing a script to spam your site (rather than just hard coding your form), and then you can occasionally play with the template to make it harder for them to work out what fields to extract. Math questions are the easiest to get through. Any other type of questions a real user may not know the answer to also. Depends on the site, and a maths question is probably easier to calculate by a bot. Nothing on its own will stop a determined bot. But for most sites nobody would bother writing a site specific bot or if they did it would likely not be that detailed. The biggest risk is sites that use a common template (eg, all the various bulletin boards, of which there are hundreds of thousands installed). Standard setup once coded for a bot will just be hammered all over the place, yet small changes to the standard will escape. All the best Keith Quote Link to comment https://forums.phpfreaks.com/topic/148789-solved-stopping-spammers/#findComment-781329 Share on other sites More sharing options...
redarrow Posted March 10, 2009 Share Posted March 10, 2009 What about a real simple approach, when a user joins send them a word that relates to a question you ask them at registration. once the word is matched via the database then send the message. I did setup a web site, that was for disable people, for the blind and death and i used 3rd party tolls, it was a challenge but i got there. the whole off the web site spoke to you, it was fun but very time consuming. for the death i had to use, sign language animation gif's/ and scrolling text words. Quote Link to comment https://forums.phpfreaks.com/topic/148789-solved-stopping-spammers/#findComment-781336 Share on other sites More sharing options...
kev wood Posted March 10, 2009 Author Share Posted March 10, 2009 thanks for all your replies i will go through all the replies and try to work out which one will alienate the least amount of people. thank you all again for the enlightenment on stopping the bots as best possible. i will mark this solved. someone should put all the ideas together in one post and make it a sticky post so all can see the various ways of stopping the bots. Quote Link to comment https://forums.phpfreaks.com/topic/148789-solved-stopping-spammers/#findComment-781342 Share on other sites More sharing options...
racer x Posted March 10, 2009 Share Posted March 10, 2009 Ha! Pretty soon I imagine we'll need to put some kind of virtual keyboard on the display screen that would be the only way users could enter name and email info! The text would be input as character "images", not actual text. The form wouldn't allow ANY text input in any other way. Then the actual message could be "recorded" live? Why do I think out loud? We must fight this never-ending battle!! Quote Link to comment https://forums.phpfreaks.com/topic/148789-solved-stopping-spammers/#findComment-781344 Share on other sites More sharing options...
JonnoTheDev Posted March 10, 2009 Share Posted March 10, 2009 Again http://recaptcha.net/ Quote Link to comment https://forums.phpfreaks.com/topic/148789-solved-stopping-spammers/#findComment-781345 Share on other sites More sharing options...
redarrow Posted March 10, 2009 Share Posted March 10, 2009 as time goes on yes, there be loads off other ways to stop spammers, but unfortunately, there brains also move forward. If packet sniffing get any more powerful, and exploits all ssl information then we are all in crap no matter what. scary...... please also remember there are also commercial capt ca, on the market that have everything your asking in one package. use Google my friend. ps. quit funny how we never talk about paid integrations. printing this page as we speak, good i dears on here. Quote Link to comment https://forums.phpfreaks.com/topic/148789-solved-stopping-spammers/#findComment-781351 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.