spam on *base

Lukas 1lukas1 at gmail.com
Thu Jun 23 17:02:44 UTC 2011


http://lydgate.org/blogs/?p=283

* Is the spam done by bots (replacing entire page), or it looks like like
manual "jobs" inserting random bits of spam into genuine code?
* post mentions deletes. Could it be that deletes are done by search bots
crawling the pages and hitting .php?action=delete links?

In most cases spam can be prevented by adding empty hidden (by css, not html
attribute) field. If it comes with any text -> its a spam bot.
Also by replacing all edit links with .php?action=ban_me in html template
and restoring them with JS on onLoad (spam bots does not run JS, so can't
see real links).
Or using tokens $token = md5('page_id'.$random_bit.$secret).'-'.$random_bit,
so the can validate forms (in case if bots knows destination URL and posts
directly there)

Lukas
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mail.kde.org/mailman/private/kde-www/attachments/20110623/ecf50e83/attachment.html>


More information about the kde-www mailing list