Gossamer Forum
Home : Products : Gossamer Links : Version 1.x :

Help I've been spammed

Quote Reply
Help I've been spammed
I was wondering if there was any way to block automatic submission software from accessing the add form. This morning I got swamped with over 400 submission, As fast as i'm verifying them, more are coming. At this point I think I'll just take away the add url page till I can figure out how to deal with this. Most of the sites submitted are useless anyway. I would appreciate any help I can get to solve this matter quickly.

Thanks
Barb

Quote Reply
Re: Help I've been spammed In reply to
Have you put anything in 'db_referers' in your Links.pm file?

If not, add your site domain in the following format (example from my own file) and re-upload:

Code:
# A list of valid referers. Anyone coming from a page not in
# this list will not be allowed to submit to the directory. Useful
# for spam prevention.
$LINKS{db_referers} = ['www.qango.com','qango.com'];
This should check to see if the submission is coming from your domain, and give an error if not - it may help you cut down on some of the spamming.

A more elaborate method is to change the name of the add.cgi file and re-reference it in your scripts and templates (be careful and take backups if you do :))

All the best
Shaun

Quote Reply
Re: Help I've been spammed In reply to
Thanks for the quick response. You saved me hours of work. All these simple fixes if you just know where to look. I'm totally new to links SQL and don't really know where everything is and how everything works. I was just getting use to Links 2.0 before I started using the upgrade.

Thanks again


Quote Reply
Re: Help I've been spammed In reply to
That's OK I'm pretty new to it myself - and it does take some getting used to :)

All the best
Shaun

Quote Reply
Re: Help I've been spammed In reply to
Hi,

I followed the instructions and fill it out:

# A list of valid referers. Anyone coming from a page not in# this list will not be allowed to submit to the directory. Useful# for spam prevention. $LINKS{db_referers} = ['www.mydomain.com','mydomain.com'];


I had apply a hack on my ADD.CGI : This is my sub main

#-------------------------------------------------#
my ($found);
my $in = new CGI;
my $dynamic = $in->param('d') ? $in : undef;
%in = %{&cgi_to_hash ($in)};
print $in->header('text/html');

if ($in->param('add')) {
&process_form ($in, $dynamic);
}
else {
my ($name, $category);
my $id = $in->param('ID');

# If we don't have an id, and can't generate a list, let's send the user a message.
if (! $id and ! $LINKS{db_gen_category_list}) {
&site_html_error ( { error => "Please go to the category you want to add to, and click add from there." }, $dynamic);
}
else {
if ($id) {
$name = &get_category_name ($id);
$category = "$name <input type=hidden name='CategoryID' value='$id'>";
}
else {
$category = &get_category_list ();
}
&site_html_add_form ({ Category => $category, %in }, $dynamic)
}
}
}

#-------------------------------------------------#


The problem is that: I still get SPAM by other strange people. HELP!! What can I do to stop this? Thanks in advance.


Quote Reply
Re: Help I've been spammed In reply to
Here is what I would recommend...

1) Add another sub that is a confirmation screen that users have to check before making the final submission. Look at the Add Confirmation Mod for Links 2.0 in the Resource Center. You can port the codes in the Links SQL version of add.cgi.

2) Read the posts I wrote in the Perl/CGI Forum about this very issue...I have provided codes for Links 2.0 that can easily be applied to Links SQL. Basically, it will disallow re-loading of the success of page to add the link again. And the user is presented with an error message stating that they have already added the link.

3) Use widgetz's modify.cgi Mod that also include codes for the add.cgi tnat will make users login first before adding links. This Mod can be found in this forum. Search for widgetz forum.cgi.

4) Add IP Address Blocking codes (that can be found at http://lookhard.hypermart.net/links-mods/ and can be ported to Links SQL - look for Block URL Mod) to your add.cgi that will check a list of blacklisted IP addresses and will prevent users with that IP address from adding links to your site.

5) Wait until the next version of Links SQL and see if there are more secure and robust user login features.

Regards,

Eliot Lee