"Contact Us" Spam
Moderator: General Support Moderators
Forum rules
Forum Rules
Absolute Beginner's Guide to Joomla! <-- please read before posting, this means YOU.
Security Checklist
Forum Post Assistant - If you are serious about wanting help, you will use this tool to help you post.
-
- Joomla! Apprentice
- Posts: 18
- Joined: Mon Aug 29, 2005 6:40 pm
"Contact Us" Spam
Beginning 17-Feb-2007, I've been receiving spam messages from my "Contact Us" form. They are mostly innocuous, and the return email addresses are sometimes bogus. Obviously, I have to just "trash" these instead of marking them as spam (don't want my REAL feedback to be marked as spam.) It's not that annoying yet, but this could definitely become problematic if it increases too much.
I have seen "captcha" solutions mentioned elsewhere to help combat this, and they seem to be viable.
What are your experiences with this, and how do you suggest combating this?
-
- Joomla! Ace
- Posts: 1070
- Joined: Mon Aug 22, 2005 7:53 pm
- Location: Ilkley, West Yorkshire, UK
- Contact:
Re: "Contact Us" Spam
I ended up having to write my own code, complete with CAPTCHA that worked on my Server launched from a get in touch link/page and with a random page name.
Also added a few bits of code to strip any html code out, just in case. So far, so good!
My sites: http://dragonrider.co.uk, http://wharfedalefestival.co.uk and several others
- Beat
- Joomla! Guru
- Posts: 844
- Joined: Thu Aug 18, 2005 8:53 am
- Location: Switzerland
- Contact:
Re: "Contact Us" Spam
As there has been demand to extend the Community Builder Captcha plugin for the Joomla contact form, I checked if there were events generated in Joomla 1.0.12 core for a Joomla plugin, but no luck: no events available to add such a function cleanly to core Joomla 1.0.12...
Didn't check yet in Joomla 1.5, but as I understand there should be such a possibility.
(btw: Spam in CB installs has become such an annoyance that we decided to include this plugin into next CB version)...
I think there is a component on extensions site which patches Joomla for this, but I don't recommend patches for security reactivity reasons.
Beat ![Cool 8)](./images/smilies/icon_cool.gif)
www.joomlapolis.com <= Community Builder + CBSubs Joomla membership payment system - team
hosting.joomlapolis.com <= Joomla! Hosting, by the CB Team
-
- Joomla! Intern
- Posts: 72
- Joined: Sat Jan 06, 2007 8:58 am
Re: "Contact Us" Spam
Hi Beat!
Which parts of the CB install seem to be attracting so much spam? I've recently installed it onto our site, but haven't made it live yet so haven't been exposed to it yet...
PR
-
- Joomla! Apprentice
- Posts: 18
- Joined: Mon Aug 29, 2005 6:40 pm
Re: "Contact Us" Spam
Without having to install CB (I have no need for it), is there any other solution (maybe a "Contact Us" replacement that includes Captcha)?
- FerretLife
- Joomla! Enthusiast
- Posts: 157
- Joined: Thu Aug 25, 2005 8:35 pm
Re: "Contact Us" Spam
One of my sites gets spam through the contact form daily. Annoying. I have tried the form component that Beat spoke of and could not get it to work or look right.
pearlyred wrote: Hi Beat!
Which parts of the CB install seem to be attracting so much spam? I've recently installed it onto our site, but haven't made it live yet so haven't been exposed to it yet...
PR
I do have Community Builder installed on that site, and had been getting "spam" registrations, almost daily. I installed their Captcha plugin, worked great!
Now if someone can just work some magic on the Contact Form Component!
- Beat
- Joomla! Guru
- Posts: 844
- Joined: Thu Aug 18, 2005 8:53 am
- Location: Switzerland
- Contact:
Re: "Contact Us" Spam
It's mainly registrations which attracted "spams", a poor trial to get noticed by spammers, as usually site admins delete such registrations anyway. CB 1.0.2 included a few anti-spam measures without hitting accessibility, which slowed down the amounts of spam for a few months, before bots "learned". Captcha plugin is an intermediate measure. Next CB release will include even more sophisticated anti-spam measures.
pearlyred wrote: Hi Beat!
Which parts of the CB install seem to be attracting so much spam? I've recently installed it onto our site, but haven't made it live yet so haven't been exposed to it yet...
PR
Beat ![Cool 8)](./images/smilies/icon_cool.gif)
www.joomlapolis.com <= Community Builder + CBSubs Joomla membership payment system - team
hosting.joomlapolis.com <= Joomla! Hosting, by the CB Team
-
- Joomla! Intern
- Posts: 72
- Joined: Sat Jan 06, 2007 8:58 am
Re: "Contact Us" Spam
Ah ok. When I go live I'll probably include something like the myVIPcode mod for phpBB on the registration page. I used it on my phpbb install and spam registrations went from about 50 a month to about 2 per month, not bad
I'm not all that keen on captcha's.
![Smiley :)](./images/smilies/icon_smile.gif)
- muddauber
- Joomla! Ace
- Posts: 1618
- Joined: Thu Jun 08, 2006 11:26 pm
Re: "Contact Us" Spam
Here's some more info from the HoneyPot Project.
I've kept up with them and have a server as a honeypot.
This could be helpful to the Joomla Community:
Monday, QuickLinks helped more people get involved with Project Honey Pot.
Tuesday, we announced we'd begun tracking a new online menace: Comment
Spammers. Today we make good on a promise we made when we first launched
Project Honey Pot more than two years ago: helping you stop spammers before
they even get your email address. In other words, today we launch http:BL.
In short, http:BL is a system where website owners can query Project Honey
Pot's data in order to determine whether a visitor to their site is a known
bad guy. If so, the visitor can be blocked, routed to a CAPTCHA or other
test, or sent directly to a honey pot. The system tracks search engines,
suspicious IPs, known harvesters, and known comment spammers through
Project Honey Pot's vast network of traps installed on websites in over 100
countries around the world. It returns the power over who is allowed onto a
website to the website's owner.
Learn more at:
http://www.projecthoneypot.org/5days_wednesday.php
Built around the existing DNS infrastructure, http:BL takes its inspiration
from traditional DNSBLs -- such as Spamhaus and SURBL -- that have been
used successfully to stop known spammers from connecting to mail servers.
Http:BL extends this same power to website administrators. The basic system
is free and, starting today, it is open to every active member of Project
Honey Pot.
-
- Joomla! Apprentice
- Posts: 28
- Joined: Thu Jan 19, 2006 5:49 am
- Location: Valencia - Venezuela
- Contact:
Re: "Contact Us" Spam
I have no skills with PHP nor MySQL but I am really upset about comment spammers at my forum...
I was looking for a solution and found Bad Behaviour for Joomla!:
http://extensions.joomla.org/component/ ... Itemid,35/
It works pretty fine but its database is not up to date so a few spammers get to my forums.
I did continue my search and found Project Honey Pot:
http://www.projecthoneypot.org
Obviously, it looks like a final solution but I have no experience to code a bot for Joomla.
Finally, totally freaked out by the spam, I decided to try including some lines in my INDEX.PHP and, amazingly, it works.
I copy and paste the lines I put at the very top of my index.php in order to pray for help to get those lines into a proper structure for a mambot:
----------
// My http:BL key
$apikey = 'YOUshouldPUTyourOWNkeyHERE';
// IP to test: your visitor's
$ip = $_SERVER['REMOTE_ADDR'];
// Build the lookup DNS query
// Example: for '127.9.1.2' you should query 'abcdefghijkl.2.1.9.127.dnsbl.httpbl.org'
$lookup = $apikey . '.' . implode('.', array_reverse(explode('.', $ip))) . '.dnsbl.httpbl.org';
// Check query response (gethostbyname() returns the name unchanged when nothing resolves)
$result = explode('.', gethostbyname($lookup));
if ($result[0] == 127) {
    // Query successful!
    $activity = $result[1];    // days since last activity
    $threat = $result[2];      // threat score
    $type = (int) $result[3];  // visitor type
    $typemeaning = '';         // initialise before appending
    // Search Engine is the value 0, not a bit, so compare instead of masking
    if ($type == 0) $typemeaning .= 'Search Engine, ';
    if ($type & 1) $typemeaning .= 'Suspicious, ';
    if ($type & 2) $typemeaning .= 'Harvester, ';
    if ($type & 4) $typemeaning .= 'Comment Spammer, ';
    $typemeaning = trim($typemeaning, ', ');
    // Harvesters and comment spammers are redirected to the honey pot
    if ($type & (2 | 4)) {
        $kurl = "http://www.inosanchez.com/stopspam.php";
        header("Location: $kurl");
        exit; // stop here so the rest of the page is not sent along with the redirect
    }
}
----------
The only thing you need is a Honey Pot Key, don't worry it is free, and you can get it from:
http://www.projecthoneypot.org/httpbl.php
Those lines are working great but I'm totally sure they should not be placed like I did nor where I did.
Any guides or help to make a bridge of Honey Pot with Joomla! will be really appreciated.
Thanks in advance for your help.
LA967.NET
WEB RADIO
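An added example, not part of Kenio's post or Project Honey Pot's own code: the same http:BL lookup split into query building, response decoding and an allow/CAPTCHA/block decision of the kind the announcement quoted earlier in the thread describes. The function names, the two thresholds and the sample answers are assumptions constructed for illustration.

```php
<?php
// Added example. Thresholds are assumed values, tune them for your own site.
const HTTPBL_MAX_AGE_DAYS = 30; // assumed: treat listings with no recent activity as stale
const HTTPBL_BLOCK_THREAT = 25; // assumed: threat score at which to block outright

/** Build the http:BL query name, or null when the address is not IPv4. */
function httpbl_query_name(string $apiKey, string $ip): ?string
{
    if (filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4) === false) {
        return null; // the query format is reversed IPv4 octets
    }
    return $apiKey . '.' . implode('.', array_reverse(explode('.', $ip))) . '.dnsbl.httpbl.org';
}

/** Decode an answer such as "127.3.40.4"; null means not listed or lookup failed. */
function httpbl_decode(string $answer): ?array
{
    if (filter_var($answer, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4) === false) {
        return null; // gethostbyname() hands back the host name when nothing resolves
    }
    $o = array_map('intval', explode('.', $answer));
    if ($o[0] !== 127) {
        return null; // not a valid http:BL answer
    }
    return [
        'days'          => $o[1],               // days since last activity
        'threat'        => $o[2],               // threat score
        'search_engine' => $o[3] === 0,         // 0 is a value, not a bit
        'suspicious'    => (bool) ($o[3] & 1),
        'harvester'     => (bool) ($o[3] & 2),
        'comment_spam'  => (bool) ($o[3] & 4),
    ];
}

/** Map a decoded listing to 'allow', 'captcha' or 'block'. */
function httpbl_decide(?array $listing): string
{
    // Fail open: no answer, a search engine, or a stale listing must not lock visitors out.
    if ($listing === null || $listing['search_engine']
        || $listing['days'] > HTTPBL_MAX_AGE_DAYS) {
        return 'allow';
    }
    if (($listing['harvester'] || $listing['comment_spam'])
        && $listing['threat'] >= HTTPBL_BLOCK_THREAT) {
        return 'block';
    }
    return 'captcha'; // listed, but not bad enough to refuse: ask for a human test
}

/** Live check for one visitor; needs a real access key and DNS. */
function httpbl_check(string $apiKey, string $ip): string
{
    $name = httpbl_query_name($apiKey, $ip);
    if ($name === null) {
        return 'allow';
    }
    return httpbl_decide(httpbl_decode(gethostbyname($name)));
}

// Constructed sample answers so the decision logic can be run offline.
$samples = ['127.1.60.4', '127.3.10.1', '127.200.80.6', '127.0.5.0', 'no-such-listing'];
foreach ($samples as $answer) {
    printf("%-16s => %s\n", $answer, httpbl_decide(httpbl_decode($answer)));
}
```

In a contact form handler, `httpbl_check($apikey, $_SERVER['REMOTE_ADDR'])` would be called before the mail is sent, so a lookup failure never stops legitimate feedback.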
-
- Joomla! Apprentice
- Posts: 30
- Joined: Fri Sep 16, 2005 2:48 pm
Re: "Contact Us" Spam
I found a number of different ways to use honeypot but did not see any mention of adding this code in pages. Where did you find this and what is it doing exactly?
David
-
- Joomla! Apprentice
- Posts: 28
- Joined: Thu Jan 19, 2006 5:49 am
- Location: Valencia - Venezuela
- Contact:
Re: "Contact Us" Spam
When you add this code into index.php it will search for your visitors' IPs in the Honey Pot database; if it finds a match as Harvester or Comment Spammer it should redirect the visitor to a Honey Pot trap. Actually, I added a few more lines to catch even suspicious IPs. It works, but I know this is not the right way to get Honey Pot into Joomla. A mambot will be the right solution but I have no skills to develop it.
I found the info for those lines at http://www.projecthoneypot.org/httpbl_api.php
Any help to get those lines into a mambot will be very helpful.
LA967.NET
WEB RADIO
-
- Joomla! Apprentice
- Posts: 30
- Joined: Fri Sep 16, 2005 2:48 pm
Re: "Contact Us" Spam
So are you running this as well as bad behavior? How successful has this been for you?
David
-
- Joomla! Apprentice
- Posts: 30
- Joined: Fri Sep 16, 2005 2:48 pm
Re: "Contact Us" Spam
Hello Kenio,
Your code has links to http://www.inosanchez.com/stopspam.php. Where do I get that file? And how can you tell that it is working?
At the moment I have the aheadoccasional.php in the public html directory and your code in index.php. Should I do both?
David
- toubkal
- Joomla! Hero
- Posts: 2860
- Joined: Thu Aug 18, 2005 4:35 pm
- Location: Cheshire, England
- Contact:
Re: "Contact Us" Spam
Obviously this thread has begun to look at some more serious methods of preventing contact form spam, but I thought it worth mentioning that I stopped the vast majority of the spam that I was receiving, simply by adding a few words into the banned words parameter of the contact form menu item parameters.
For those who do not wish to implement a code based solution, it may be worth drawing your attention to the banned word parameter as a very simple first step to try.
Do you want the answer to be as vague as your question?
-
- Joomla! Apprentice
- Posts: 28
- Joined: Thu Jan 19, 2006 5:49 am
- Location: Valencia - Venezuela
- Contact:
Re: "Contact Us" Spam
dbuch, I was using both: Honey Pot and Bad Behaviour... I quit Bad Behaviour because it has no way to supervise what it's doing. You should get into phpMyAdmin to see what Bad Behaviour is banning and I'd rather not touch anything there to prevent a mess, I just have no skills at all with MySQL.
I know Honey Pot is working because you actually can look at http://www.projecthoneypot.org/bsc_X19t ... UmX19ieT0x to see which IPs marked as Comment Spammers were caught in my trap and http://www.projecthoneypot.org/bsh_X19t ... UmX19ieT0x for Recent Harvesters caught.
http://www.inosanchez.com/stopspam.php is my trap; it is a file that Honey Pot creates for each website in order to detect spiders or bots trying to spam your site. You can create your own trap at http://www.projecthoneypot.org/manage_honey_pots.php
Just remember, in case you want to add those lines to your index.php you must replace your own key at:
$apikey = 'YOUshouldPUTyourOWNkeyHERE';
You can get your own key at: http://www.projecthoneypot.org/httpbl_configure.php
You do not need to create your own trap but you must create your own key because sharing of Access Keys with other users is forbidden by the Project Honey Pot Service Agreement. You can keep the link to my trap or change it to yours.
I suggest you create your own honey pot (trap) and upload it to your site. Create invisible links to your trap (just for spiders, not for humans, more info at http://www.projecthoneypot.org/linking_instructions.php ), create your own key and then insert those lines into your index.php
Just take a full tour at http://www.projecthoneypot.org and read, read till death...
LA967.NET
WEB RADIO
- PakWaan
- Joomla! Intern
- Posts: 68
- Joined: Thu Mar 09, 2006 12:38 am
- Location: Florida, USA
Re:
I have found that adding the words "http" and "www" in the banned words list for both the banned subject and banned text list eliminated all of the spam - it won't let anyone type in a web address on the contact form, and then it does them no good to send you anything.
- muddauber
- Joomla! Ace
- Posts: 1618
- Joined: Thu Jun 08, 2006 11:26 pm
Re: Contact Us Spam
Great idea PakWaan! And easy to implement. Thanks Kenio on the Honeypot info and links.
I'll check that out.
I know the problem exists and we need to continue to come up with solutions to
make our sites useful and not exploited.
Has it actually given you information that will help you block problems?
-
- Joomla! Enthusiast
- Posts: 199
- Joined: Mon Aug 20, 2007 6:46 pm
Re:
Hi all,
I found this topic whilst searching for ways to avoid spam to my Joomla! sites through the contact forms, and used the advice to add "http" and "www" to the banned words...
Spam stopped immediately...But... So did all other mail from the contact form.. On checking this I am getting the message "your email contained banned words" every single time even if the banned word is not in the list set in the parameters...
If I remove all the words from the settings and save I can then go to the front end and use the contact form... If there is a word in the banned word area of the contacts parameters then no emails at all are sent... It doesn't seem to matter if the banned word is written in the contact form or not...
Could anyone else confirm this? Right now I have removed my banned word list and am open to spam again...
Clive
- PakWaan
- Joomla! Intern
- Posts: 68
- Joined: Thu Mar 09, 2006 12:38 am
- Location: Florida, USA
Re: Re:
That's strange. It works fine for me on 1.0.15, I get mail from the site almost every day.
wildside wrote: I used the advice to add "http" and "www" to the banned words...Spam stopped immediately...But... So did all other mail from the contact form..
![Image](http://www.justtherecipe.com/temp/banned.jpg)