How can I block remote post to a form?

[greg]

Hi there,

I'm running a php based website and I'm getting a lot of remotely posts to the forms.  Is any way to prevent this using php or .htacces. Any tip o a site from where I should start?

Thank you in advance.

 

[fortnox007]

If you mean robots that stumble upon your site and post, Captcha is what your looking for. If the violaters arent numerous you could try to block there ip's with .htaccess (google for: Order deny + .htaccess). But captcha nicer i think

[greg]

No exactly robots but some malicious intruders. Blocking ip is not a common sense because they use proxies. Some one please elaborate on this.

Thanks

 

[trq]

Check the $_SERVER['HTTP_REFERER'] is your site.

[greg]

How I do that when the referring pages are dynamic?

[trq]

How I do that when the referring pages are dynamic?

 

You are surely aware of the valid address of the form posting to your processing script?

[shlumph]

You could even just check the referring domain name

[AbraCadaver]

Create a unique token on your form page, stick it in the session, add it as a hidden input to your form.  When submitted check that the hidden form field token matches the session token.  There are plenty of examples out there.

[greg]

Thank you!!!!!  Like I said, jkaiosdaxcss