spam on *base
Lukas
1lukas1 at gmail.com
Thu Jun 23 17:02:44 UTC 2011
http://lydgate.org/blogs/?p=283
* Is the spam done by bots (replacing entire page), or it looks like like
manual "jobs" inserting random bits of spam into genuine code?
* post mentions deletes. Could it be that deletes are done by search bots
crawling the pages and hitting .php?action=delete links?
In most cases spam can be prevented by adding empty hidden (by css, not html
attribute) field. If it comes with any text -> its a spam bot.
Also by replacing all edit links with .php?action=ban_me in html template
and restoring them with JS on onLoad (spam bots does not run JS, so can't
see real links).
Or using tokens $token = md5('page_id'.$random_bit.$secret).'-'.$random_bit,
so the can validate forms (in case if bots knows destination URL and posts
directly there)
Lukas
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mail.kde.org/mailman/private/kde-www/attachments/20110623/ecf50e83/attachment.html>
More information about the kde-www
mailing list