How to stop bot postings to guestlog??

B

bradsaxon

I have a website where I have a guestlog in use. There were recently several
posts for obvious spam that look to be computer generated. I manually went
into the guestlog file and deleted the posts, but they came back almost
immediately. Is there a way I can protect my site against such bot postings?
I talked to my hosting company and they said it is application side and not
server side.

Thanks in advance for your response.
 
C

Chris Leeds, MVP-FrontPage

TBMK you'd have to use some scripting to test for user agent (browser type)
and deny the page to non-standard (IE, Mozilla, Opera, Safari).
Probably not worth the work.

I've never seen a post about this on the board before. can you capture the
IP of the offender with your guest log? It may be an option in your
properties for that form.

HTH

--
Chris Leeds,
Microsoft MVP-FrontPage

Make More Money with Less Work
Let Your Clients Control Their Content With Just A Browser!
http://contentseed.com/
 
N

not me

I had the same problem. You may want to replace the post button with a
hyperlink to your email. Takes time, but is worth it.
 
T

Tom Pepper Willett

....as long as the email address appears in the html code, it's subject to
the "bots" finding it.
--
===
Tom "Pepper" Willett
Microsoft MVP - FrontPage
---
About FrontPage 2003:
http://office.microsoft.com/home/office.aspx?assetid=FX01085802
FrontPage 2003 Product Information:
http://www.microsoft.com/office/frontpage/prodinfo/default.mspx
Understanding FrontPage:
http://msdn.microsoft.com/office/understanding/frontpage/
===
| I had the same problem. You may want to replace the post button with a
| hyperlink to your email. Takes time, but is worth it.
|
|
 
K

KC

I'm getting tons of these. All are Viagra ads. Does anyone have any
solutions for a non-programmer?
 
K

Kenny Caudill

I'm getting tons of these on my site. All are viagra ads. Can anyone
suggest any solutions for a non-programmer?

I create a guest book for each client and found 3 spam posts in 18 different
guestlogs. I deleted them 2 weeks ago and now there even more.

I may have to remove the guestbook option, I hate to have to limit offerings
due to spammers!

Kenny Caudill
 
T

Tom Pepper Willett

K

Kenny Caudill

I have no idea how these programs are finding my guestlog pages, but I am
going to try changing the name of the files where the the guestbook results
are stored. Maybe they are simply looking for files named guestlog.

Kenny
 
T

Tom Pepper Willett

If it's public, they will come ;-)
--
===
Tom "Pepper" Willett
Microsoft MVP - FrontPage
---
About FrontPage 2003:
http://office.microsoft.com/home/office.aspx?assetid=FX01085802
FrontPage 2003 Product Information:
http://www.microsoft.com/office/frontpage/prodinfo/default.mspx
Understanding FrontPage:
http://msdn.microsoft.com/office/understanding/frontpage/
===
| I have no idea how these programs are finding my guestlog pages, but I am
| going to try changing the name of the files where the the guestbook
results
| are stored. Maybe they are simply looking for files named guestlog.
|
| Kenny
|
| "Tom Pepper Willett" wrote:
|
| > Sorry. You have no options with the FP Guestbook.
| > --
| > ===
| > Tom "Pepper" Willett
| > Microsoft MVP - FrontPage
| > ---
| > About FrontPage 2003:
| > http://office.microsoft.com/home/office.aspx?assetid=FX01085802
| > FrontPage 2003 Product Information:
| > http://www.microsoft.com/office/frontpage/prodinfo/default.mspx
| > Understanding FrontPage:
| > http://msdn.microsoft.com/office/understanding/frontpage/
| > ===
| > | > | I'm getting tons of these. All are Viagra ads. Does anyone have any
| > | solutions for a non-programmer?
| >
| >
| >
 
I

IP

I have been battling the problem on one of my wesites for about a year. It
doesn't matter if you change the location of the page where guests enter the
data. Robots from spammers can autolocate them. The best solution I have
found so far is to use an .htaccess file. This is where you can add IP
addresses or complete IP block to a deny/allow list. Identify an offending IP
addres either by a weblog or including the origin IP in the guestbook field.

Here is an example of my most recent list:

<Limit GET POST>
order allow,deny
deny from 212.56.
deny from 212.138
deny from 213.223.
deny from 216.229.
deny from 202.56.227
deny from 61.
deny from 203.39.
deny from 200.168.
deny from 193.255.
deny from 80.65.
deny from 202.153.
deny from 200.21.
deny from 203.197.
deny from 201.14.
allow from all
</Limit>

I run an Apache server, but most other popular servers can make
use of the .htacces file.
It is a hidden file, and you will have to upload the file with an FTP program.
The higher up in the website domain you place the file, the most subdomains
are
protected.

In some FTP programs you will have to use a switch to be able to see this
hidden file. For example you will have to enter "-al" in the local/remote
file mask, which will then enable you to view the files.

I hope this helps.

IP
 
T

Thomas A. Rowe

FYI: .htaccess is not supported/used under Windows IIS.

--
==============================================
Thomas A. Rowe (Microsoft MVP - FrontPage)
WEBMASTER Resources(tm)

FrontPage Resources, WebCircle, MS KB Quick Links, etc.
==============================================
 
D

David Baxter

The problem is that you need to check to see whether FP has already
created an .htaccess file on the apache server. You can't see this in
FrontPage and when it is created it's created as a hidden file so use a
third party FTP program like AceFTP to list hidden files and copy it to
your local hard drive. Then ADD the lines below to the end of the
existing .htacess file and upload it back to the root directory.
 
K

KennyGK

I've had this happen to me several times, and finally got rid of the
guestbook, as porn sites, viagra, et-cetera kept posting almost immediately
after I cleaned it up.

Microsoft offers no hope to fix this anytime soon as far as I can see.

Ken
 
T

Thomas A. Rowe

What is Microsoft suppose to do about this? You would need to look at the log files for your site,
and then have your host block the individual IPs or IP blocks.

--
==============================================
Thomas A. Rowe (Microsoft MVP - FrontPage)
WEBMASTER Resources(tm)

FrontPage Resources, WebCircle, MS KB Quick Links, etc.
==============================================
 
S

slandman

I have used the modern version of Matt's Guestbook, and had the new entries
emailed to me instead of being posted immediately. Then I went to the (now
password protected) addurl and pasted in the legit guestbook entries. That
way nothing gets posted that I don't approve ahead of tim.

Stephen
 
V

vallon

Tom this is not about e-mail address'. It is about people/bots posting
unwanted web links in the guestbook, many of which are sex related and
embarassing to most web sites.
 
V

vallon

Do a little research Tom. I think there are options. You can ask the user
to read and key in the text which is displayed by a graphic or you could ask
and test for a question in the form. You could also paswword the guestbook.
There are a number of suggestions in this forum.

I do not understand why you have given the negative "no Hope" answer. I am
betting you like the word "can't".
 
T

Tom Pepper Willett

Provide the options.
--
===
Tom "Pepper" Willett
Microsoft MVP - FrontPage
---
About FrontPage 2003:
http://office.microsoft.com/home/office.aspx?assetid=FX01085802
FrontPage 2003 Product Information:
http://www.microsoft.com/office/frontpage/prodinfo/default.mspx
Understanding FrontPage:
http://msdn.microsoft.com/office/understanding/frontpage/
===
| Do a little research Tom. I think there are options. You can ask the
user
| to read and key in the text which is displayed by a graphic or you could
ask
| and test for a question in the form. You could also paswword the
guestbook.
| There are a number of suggestions in this forum.
|
| I do not understand why you have given the negative "no Hope" answer. I
am
| betting you like the word "can't".
|
| "Tom Pepper Willett" wrote:
|
| > Sorry. You have no options with the FP Guestbook.
| > --
| > ===
| > Tom "Pepper" Willett
| > Microsoft MVP - FrontPage
| > ---
| > About FrontPage 2003:
| > http://office.microsoft.com/home/office.aspx?assetid=FX01085802
| > FrontPage 2003 Product Information:
| > http://www.microsoft.com/office/frontpage/prodinfo/default.mspx
| > Understanding FrontPage:
| > http://msdn.microsoft.com/office/understanding/frontpage/
| > ===
| > | > | I'm getting tons of these. All are Viagra ads. Does anyone have any
| > | solutions for a non-programmer?
| >
| >
| >
 
T

Tom Pepper Willett

Provide the options.
--
===
Tom "Pepper" Willett
Microsoft MVP - FrontPage
---
About FrontPage 2003:
http://office.microsoft.com/home/office.aspx?assetid=FX01085802
FrontPage 2003 Product Information:
http://www.microsoft.com/office/frontpage/prodinfo/default.mspx
Understanding FrontPage:
http://msdn.microsoft.com/office/understanding/frontpage/
===
| Tom this is not about e-mail address'. It is about people/bots posting
| unwanted web links in the guestbook, many of which are sex related and
| embarassing to most web sites.
|
| "Tom Pepper Willett" wrote:
|
| > ....as long as the email address appears in the html code, it's subject
to
| > the "bots" finding it.
| > --
| > ===
| > Tom "Pepper" Willett
| > Microsoft MVP - FrontPage
| > ---
| > About FrontPage 2003:
| > http://office.microsoft.com/home/office.aspx?assetid=FX01085802
| > FrontPage 2003 Product Information:
| > http://www.microsoft.com/office/frontpage/prodinfo/default.mspx
| > Understanding FrontPage:
| > http://msdn.microsoft.com/office/understanding/frontpage/
| > ===
| > | > | I had the same problem. You may want to replace the post button with
a
| > | hyperlink to your email. Takes time, but is worth it.
| > |
| > |
| >
| >
| >
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Struggling with subweb 3
Frontpage Database Question 2
Recaptcha - question on how to use 4
How to restore address book? 0
how can I get Outlook to stop asking me to enable Instant Search 3
When publishing website updates, I receive a "server timed out" me 15
Information Rights Management - how to stop forwarding? 3
form and confirmation not working 1

Top