Guestbook disabled
February 12, 2007
I had to disable the guestbook for visitors because of the huge amount of spam attacks. The guestbook should be safe in the sense that nobody can misuse it as a spam form to send spam all over the internet. The captcha code is working fine as well, so no spam shows up in the guestbook entries. I've been monitoring the incoming traffic for the guestbook and I've seen a lot of bad things going on. The HTTP_REFERER and REQUEST_URI tell me that those visits are direct requests. They don't come from a real visitor browsing my website who then decides to leave a guestbook entry ... noooooo. They're direct requests, as if someone had linked directly to the guestbook or bookmarked it. Also, the times and IP addresses these requests come from are very strange.
Requests sometimes come from four different IPs within two seconds using the same User-Agent and session ID, which tells me that these requests (visits) are automated. Sometimes I see that the guestbook is requested twice with the GET REQUEST_METHOD and only a few seconds later with POST. This sounds O.K. to me and this is how things should work, but nobody can fill out the requested text fields and the anti-spam word within a few seconds. None of the above-mentioned requests look to me like they would come from a real human, so the conclusion tells me only one word ... spam.
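The three signals described above (direct requests, one session ID and User-Agent arriving from several IPs within two seconds, and a POST that follows a GET faster than the form can be filled in) can be checked over request records. The following Python sketch is an added example, not part of the original post or the guestbook's own code; the record layout, the thresholds, the host name `example.org` and the sample data are constructed assumptions.

```python
from collections import defaultdict
from urllib.parse import urlparse

# Constructed sample records (not real traffic): time in seconds, client IP,
# session ID, User-Agent, REQUEST_METHOD, HTTP_REFERER.
SAMPLE = [
    (0.0, "192.0.2.10", "s-human", "Firefox/2.0", "GET", "http://example.org/index"),
    (48.0, "192.0.2.10", "s-human", "Firefox/2.0", "POST", "http://example.org/guestbook"),
    (100.0, "198.51.100.1", "s-bot", "Mozilla/4.0", "GET", ""),
    (100.4, "198.51.100.2", "s-bot", "Mozilla/4.0", "GET", ""),
    (101.1, "203.0.113.7", "s-bot", "Mozilla/4.0", "GET", ""),
    (101.8, "203.0.113.9", "s-bot", "Mozilla/4.0", "POST", ""),
]

def flag_sessions(records, site_host, ip_window=2.0, min_ips=2, min_fill=5.0):
    """Return {session_id: set of reasons} for sessions that look automated.

    ip_window, min_ips and min_fill are assumed thresholds for illustration.
    """
    by_session = defaultdict(list)
    for rec in sorted(records):                     # sort by timestamp
        by_session[(rec[2], rec[3])].append(rec)    # group by session ID + User-Agent

    flagged = defaultdict(set)
    for (session, _ua), recs in by_session.items():
        # 1. Direct request: referer is empty or not a page on this site.
        if any(urlparse(r[5]).hostname != site_host for r in recs):
            flagged[session].add("direct-request")
        # 2. Same session and User-Agent seen from several IPs inside ip_window.
        for i, first in enumerate(recs):
            ips = {r[1] for r in recs[i:] if r[0] - first[0] <= ip_window}
            if len(ips) >= min_ips:
                flagged[session].add("multi-ip-burst")
                break
        # 3. POST arrives too soon after the latest preceding GET to be typed by hand.
        gets = [r[0] for r in recs if r[4] == "GET"]
        for post_time in (r[0] for r in recs if r[4] == "POST"):
            prior = [g for g in gets if g <= post_time]
            if prior and post_time - prior[-1] < min_fill:
                flagged[session].add("fast-post")
    return dict(flagged)

if __name__ == "__main__":
    for session, reasons in flag_sessions(SAMPLE, "example.org").items():
        print(session, sorted(reasons))
```

A missing referer alone is a weak signal, since bookmarks and privacy tools also strip it; the combination of reasons per session is what separates the constructed bot session from the human one.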
I had an idea how I could minimize such bad traffic, so I've made some changes to the guestbook. To see how and whether these changes work, I had to disable the guestbook for regular visitors. I have to apologize for that, but currently I don't see any other way of fighting the spammers. I can't tell how long I'm going to have the guestbook disabled, but I hope it won't be that long.
Where do those spams come from??? I can't really tell you. Some come from other websites, some from proxy servers, but most of them come from home computers infected by some malware, viruses, trojans etc. To those people I would recommend installing an antivirus program which cleans the computer of infections. I would also recommend installing a firewall (software or hardware) which can block outgoing traffic, so you can monitor programs which connect to the internet and block those which might send spam.