All geek questions in one place

Prevent the bombing of $ _POST

I have a contact form that is sent to my email address, and I recently got to attack some kind of spam attack ... I received as many as 76 thousand emails in one night from the same IP address. It made me crazy. What can I do to fix this? I know that I can implement captcha, but I don’t want it.: \

What else can I do to prevent multiple forms from submitting?

+6
source share
5 answers

You can try to stop this in several ways:

  • CAPTCHA (you already said that you didn’t like it, but this is probably the easiest solution)
  • The answer to some question that is easy to answer to a person, but not a script
  • Make sure the user is registered before they can send (provided that they must be registered)
  • Limit the size of the form so that each IP address can only send once after an N period of time.
+10
source

You can use Akismet , which does not use validation.

+4
source

To avoid transcoding, you can filter IP, for example, allow a maximum of 10 messages per day from the same IP address.

Every time someone sends an ip message store and increments a counter in the database.

+1
source

captcha is a very common way to prevent such (and for a very good reason, you should think about it)

If you could not set a cookie and check if its set is installed, if there is one, prohibit sending mail or register an IP address in a file or database and check when ip sent the last mail, and if the difference is small enough, prohibit sending mail

0
source

The only thing that needs to be done is to submit (or render) the form in order to execute javascript. This is a bit antisocial for those with NoScript installed, but most automated scripts will not be able to handle it.

0
source

Source: https://habr.com/ru/post/886660/

More articles:


All Articles