Now What??? I think it's @$^% bots

[Sheetrum]

What do I do when someone has some "bots" filling out my contact form. The
IP's are from all over, New Jersey, California, Canada, Viet Nam, India,
etc.

The funny part is, the only thing that stays the same for each "contact" is
the phone number: 902113832

 

[Ronx]

Best:
Look at server side scripting to process the form, rather than FrontPage
extensions.
Incorporate some form of Captcha to validate the sender. The validation
should be done on the server, as well as on the client.
Captcha - http://en.wikipedia.org/wiki/Captcha , also Google for
captcha.

You could use a text only version, where a field is used to answer a
question such as:
"What colour is a black cat?" Validation (client and server side) will
look for the answer "black", allowing for upper/lower case differences,
leading and trailing spaces, etc.

Not so good:
As above, but only validate on the client - FrontPage extensions can be
used to process the form. The drawback here is that if the spammbots
ignore JavaScript, there is no validation.

 

[.._..]

Just rename the form file (i.e. contact.htm to contact_us.htm) and adjust
your links.

Those bots (submitting porn links right?) use a configuration file sent to
the zombies that was created earlier.

Rename the file and they cant find it for a while. (Until the poor sweatshop
worker comes back to reconfigure your form, the config files are manually
generated.)

Also, to avoid getting found again, rename your form fields to NOT use
"email" or "comments". Call it something else. "e-m-a-i-l" or something.
The search the guys who configure those uses keys on that data in the form.

Otherwise, use a server side solution with a captcha on it.

 

[Sheetrum]

OK...,

Now I have the captcha on the page, but I don't think I have the code
correct.

Be easy on me. I'm not very good with code. I do my best coding when I can
copy/paste.

 

[Sheetrum]

Sorry about that,

Here's the URL: http://www.sacredheartlanc.org/contact.htm

 

[Ronx]

First, delete
<script>
document.sh_contact.name.focus()
</script>

This will always give an error, since when this code is run the form
does not exist! It has not loaded yet.

Change <body bgcolor="#AC5959">
to
<body bgcolor="#AC5959" onload="document.sh_contact.name.focus()">

This does what the deleted script was meant to do.

These changes remove all the script errors from the page. However, the
Captcha you are using appears to do nothing. It does not prevent the
form from being submitted.

As far as I can work out from the reCaptcha pages, the reCaptcha
requires that you use a module on your server to verify the Captcha
information. I cannot see any way to use this with FrontPage extensions
or JavaScript.
--
Ron Symonds - Microsoft MVP (FrontPage)
Reply only to group - emails will be deleted unread.

http://www.rxs-enterprises.org/fp

FrontPage Support: http://www.frontpagemvps.com/

 

[Guest]

You can ban the ip if it is all from the same ip, you can put a password
protect to the page and realease it upon request, you can use php section
with a code to input before the form goes out. all depends on what you want
I can walk you through front page issues, just email me and I will phone
you, anywhere in north america and some countries (I have a great ph plan)
no charge free
(e-mail address removed)
http://moosecreekcenter.com/get_a_website1.htm

What do I do when someone has some "bots" filling out my contact form. The
IP's are from all over, New Jersey, California, Canada, Viet Nam, India,
etc.

The funny part is, the only thing that stays the same for each "contact" is
the phone number: 902113832