cforms II User Forum

Registration is currently disabled.
Guest

FAQs

Login form protected by Login LockDown.


Lost password?
Advanced Search

— Forum Scope —

  

— Match —

   

— Forum Options —

    

Wildcard usage:
*  matches any number of characters    %  matches exactly one character

Minimum search word length is 4 characters - maximum search word length is 84 characters

Topic RSS
Spam still arriving despite captcha verification etc.?
April 2, 2009
5:06 pm
Guest

Here's a little gotcha that I thought I'd share with the world. I amended my template to use cforms with Captcha Verification to avoid spammers.  I know this works because I've done it on other blogs, but the spam kept coming.

So, I was puzzled and went to look at the HTML source of the posts. Turns out because I'd commented out the PHP of my regular comments form, rather than deleting it completely, the regular form was there in the HTML inside comment braces (as well as the cforms code which wasn't in comment braces).  Now it seems that the spammer webcrawlers just ignore the comment braces, and see the regular form, and post to it and it still works!

So, the answer is don't comment out the regular form in the template, delete it.   It also seems that if a spammer was clever enough to notice  a wordpress site, they could spam it by posting to the regular form URL (which is still there) and bypass the cforms form, which I think explains why you very occasionally get spam on a captcha verified site, or maybe I'm wrong.

Cforms is great, by the way.

Mike

April 2, 2009
6:45 pm
Oliver
Munich, Germany
Admin
Forum Posts: 6400
Member Since:
March 6, 2005
Offline

Thanks Mike, great feedback.

If you want to be 100% sure, you can rename wp-root/wp-comments-post.php file, since it isn't needed anymore when using cforms WP comment feature.

March 11, 2014
3:19 pm
sergio
Guest

Does this spam arrives in the form of comments?

My website is being bombarded by spam through the cforms system, with a cform email, with the cform email template. Does this still apply to my case?

I changed the number math captcha to a text image, and made the colors very light today, in an attempt for preventing some kind of text decipher algorithm to figure out the characters.

Forum Timezone: Europe/Berlin

Most Users Ever Online: 959

Currently Online:
27 Guest(s)

Currently Browsing this Page:
1 Guest(s)

Top Posters:

tracedef: 43

mores: 21

Gyrus: 20

frozenwaste: 18

asuffredini: 15

photoworks: 14

Member Stats:

Guest Posters: 3733

Members: 1463

Moderators: 3

Admins: 2

Forum Stats:

Groups: 1

Forums: 4

Topics: 5334

Posts: 18698

Newest Members: juredujmovic, dreamkeeper, rajattyagi, wrokaa, lukass

Moderators: Paul (421), cnymike (8), sonika (95)

Administrators: Oliver (6400), Nicky (3)