A Websites fight against Spambots, Spammers and Hackers.
• Here is a link to a page, where these two pages are in a Ajax Spry Panel• Spry Tabbed Panel
I have had to remove my Discus Message Board and my Vizbook Guestbook to stop the Comment spambots from spamming
them. This is a Global Internet problem right now, any input form that is accessible to spambots, is at risk. If the spambots do
not get to them, then the individual graffiti spammer will leave stuff. If you have a web site you are experiencing all these problems. I have installed a new Guestbook that includes what is called Captcha, what is it ? A test to tell what is Human and what is a Computer automated program. You can check it out on the sign in page of the Guestbook. A link to the Captcha Project
Next I put in a robot.txt file, which should be read by every bot or spider that enters the site, it tells them where not to go on the site, the bad bots do not read the robot file. These are the bad bots and need to be blocked or punished for not following the rules. Next I made sure to put the Robot-nofollow-noindex in Meta tags of the pages that the robot.txt file listed. You can view the contents of the robot.txt file on my home page, the robot.txt checker button. Well that should stop bots from going to pages that I list and they should no longer be listed on the search engines for a spammer to find, ya sure lol. Link to the Robots.txt org page
The next thing I did was make sure I named the files in the denied folders something different then what would be obvious, such as, if it is a Guestbook, name it something else, like fishing.html, so it isn't so obvious as to what it is.
So I'm lol, yup cause I am not done yet. Next, yep there is more, I put some code in what is called a .htaccess file, this contains some code that will deny (BAD BOTS) or (BAD USERS) or allow all good users to enter my site, they are always changing the names and creating new scripts (Bots) to run on the web, some will even write a script (Bot) just to crawl a certain site, telling it what to put into what forms, devious hey. A bot or a spider is a script or program such as your Windows Search program, only these search the Internet and indexes all the pages that are not listed in the robot.txt files and puts them in a huge data base. When you do a search on Google, you are accessing that data base of indexed pages. Bad Bots do not look at the robot.txt file, they search for scripts or form fields to enter the info in or hack the script to deface a page. You have all
seen the viaga, poker, etc links, multiple Links in a row, sometimes 20 or 40 in a row every day, sorry, flash back of all the entries I had to delete, anyways, on Guestbooks and Message Boards and yes Email Spam. We are all lucky to get those,-----NOT---, that is another topic that I am not going to get into here, got enough to do with the Spambots, but setup disposable email addresses, ones that you can go to, but you can delete, once the spammers get it and they will. PLEASE do not send someone a page using the sites, Hey email this to your friends using this form, I promise not to spam them. Just fill in this form, (Oh but this friend of mine Spammer X, lol, buys them from me, he he), don't do that people.
So back to the Spambots, the htaccess file denies them access, if and that is a BIG IF I have them listed in the htaccess file. One site has about a 1000 entries lol. You can block IP addresses to, everyone has one, some have static addresses, same number and some change every time you login, like a dailup connection. Every web site has an IP address, like your street
address, only we see the https-mikescomputerinfo thing instead, Spambots fake all that information, so until you positively know for a fact jack, that the abusing IP is the real abuser, I wouldn't block it. If I were to get a regular user on a Message Board that was registered and started abuse of some kind, then I would ban that persons IP Address, but if they are using a dailup connection, then I would not ban the IP, you get a different IP address every time you connect, fun hey. Well that should do it, hmmm aren't we a positive thinking person, not done yet. A link to a htaccess Guide
When it comes to a Message Board, ya know the little devils (Spambots) don't actually use the Messages Board, no no, they go directly to a Message that has the comment form on it and submit it from there. They are still trying to get to my old messages like once every minute, of ever hour of every day, persistent aren't they. I felt bad for them and reinstalled the messages, yup, well the folder and the file names of the messages and what is on those pages you ask, food for spambots. Now, I hardly get any errors for pages not there (messages) because I am feeding them. If it is a legitimate User requesting an old message from the message board, there is an explanation for them as to why they are on that page and why and what it is for. If a Spambot goes there, bogus emails, garbage and hey some forms for it to fill in, it is called a Honeypot. If your Forum or Guestbook uses MYSQL for it's data base, then the spambots cannot access it, if it is setup properly. Then it comes down to your registration process, I use Captcha and an extra question, to see it in action register on my Forum. Once a user passes the registration processes, they could spam, then you have to setup acct's so that their first few posts are approved by you, if they are legit users, promote them to an acct that is not Moderated.
What in the world is a Honeypot, well I am glade you asked, here are a couple links to some Honeypot's and if you want, you can join the fight and add a link from these sites onto your site, if you have one. The first one
gives the spammer all kinds of bogus email addresses for their data base, which they will have to clean out from their data base in order to sell it lol, have fun spammer, have a taste of your own medicine. The next one is another spambot killer with bogus emails to harvest
turned off, the links will not work. I also have a little script that feeds the bots some yum yum lol and hopefully crashes it.
I'm thinking and looking at Comment Forms, I know a Form, Mike=ARE YOU CRAZY MAN, lol. My reasoning is this, my email address is still open to individual spammers, with the Comment Form I would no longer have any address on the site, hmmm. A Safe, Secure and Hack proof Form that protects my email address and the users address, that is the challenge, I'm looking at one that seems to meet the criteria, just a WEE BIT Nervous about forms, lol. It uses Captcha, so Spambots for now, are out, only sends the mail to me and does not save any addresses on the server, a plus! Oh Oh I got another spam message in my inbox Woot, err,
it will only accept comments from MY website, cool, no other ( another spam in inbox) website can access the form and use it, yes they try and do that, to send spam to us using my Form, nice huh. If I install it and test it and decide to use it, (as a nervous chill goes through my body), I will have it listed under Message in the Main Menu, if and that is a BIG nervous if, why so nervous, because I had one a few years back and the form was used to send out other BAD websites mail and I had to remove it fast. Oh Oh another spam in inbox, shakes head!
I installed the Comment Form it is located under Message in my Java Menu, so far it is working. spammers could still send spam manually but none have yet, lol. I removed an old calendar script and replaced it with a non input java calendar. The hackers and spammers are attacking websites with a vengeance, so I'm trying to stay one step ahead of them. They are attacking any input forms and are trying to hack the scripts on the servers. This is getting pretty wild, it is like they are trying to remove any interactive content on the web, granted, most are spammers trying to drop links to websites in forms, to increase the ranking of that individual website, particularly poker and porn related sites, they have actually turned their attention to the web verses your inbox, because of the ease of running a spambot to achieve their goals. I'm really not sure where this is all going, I have blocked access to my site to some spammers, but they continue to bang on the door. Websites with limited resources might end up with noninteractive content only on their websites, that would be a real shame. Well the story is unfolding, only time will tell and by the way, the bad people know all this stuff and more, it is us trying to stay ahead of them.
If you have a comment or question, use the Contact Mike Form under Message.
Copyright © 2007, Mikescomputerinfo.com, All Rights Reserved.
Reproduction of information on this site, is prohibited without written permission.
Microsoft is in no way affiliated with, nor offers endorsement of this site.