?t=Reg And Spammers

[plumberPHP]

In my web site; spammers are trying type ? T=reg in the address?

What are they trying to achieve?

[Muddy_Funster]

they are trying to force set the T varaiable on the page to =reg

[plumberPHP]

Thank you for answer Muddy_Funster.

1. Doing this what they will get?
   
2. How can I protect from this attack?
   

[Muddy_Funster]

without knowing what code is on the page in question I can't answer that.

[White_Lily]

More to the point, how do they even know that you have a T variable in your script in the first place? Unless you have tester's that are trying to break the script?

[Muddy_Funster]

  On 11/14/2012 at 2:36 PM, White_Lily said:

More to the point, how do they even know that you have a T variable in your script in the first place? Unless you have tester's that are trying to break the script?

because it's url variable and will be visible when someone legitimatle uses the site? just a guess.

[White_Lily]

Good point, maybe the OP should take a look into URL Rewrites, he might find something there to help him hide the values in the url.

[plumberPHP]

IT is a home page; where they trying to use? T=reg.

I do not have T variable in the code.

How do I know they have succussed?

[Muddy_Funster]

if there is nothing on the page that uses $_GET['T'] or $_REQUEST['T'] it shouldn't matter if it's there or not. Infact, if it's not there I would personaly add some code that has

if(isset($_GET['T'])){
die("This site has detected that your IP address : {$_SERVER['REMOTE_ADDR']} is atempting a security breach. This IP address has been logged and your ISP will be informed of this action.");
}

whether or not you do log and use the IP address is your call, but the stement alone usualy makes people less inclined to keep trying.

[plumberPHP]

Thank you for your help; I will do as u said.