dnebeker
08-28-2012, 12:07 AM
I've got all the anti-spam features turned on in my forum and I'm still getting swamped.
My forum states we use rel=nofollow in hopes of discouraging some human spammers. But the automated spam is still coming strong, and getting past the protection techniques. So I've been pondering... :)
What I'd love to see is the form engine randomize all the form field IDs before sending the page to the browser. A session variable in the server would map the random field ID to the real field ID, so when the form is posted back, the fields can be re-aligned. That would defeat automated tools that do simple form posts with fixed/well known fields.
Some automated tools would get a little smarter and start parsing the page to grab the randomized IDs. These could be defeated by randomly changing the order of the fields on the page. A small javascript file would get loaded (created on the fly by the server given the form's random ID) which would re-arrange the form's fields, and add the field's titles, on the fly. This way an automated tool couldn't just parse titles or look at field position to guess what the form really is.
If vBulletin was written in ASP.NET, I'd take a stab at it. But I'm a complete noob at PHP so it's not something I could pull off easily. But surely someone else could...? :)
My forum states we use rel=nofollow in hopes of discouraging some human spammers. But the automated spam is still coming strong, and getting past the protection techniques. So I've been pondering... :)
What I'd love to see is the form engine randomize all the form field IDs before sending the page to the browser. A session variable in the server would map the random field ID to the real field ID, so when the form is posted back, the fields can be re-aligned. That would defeat automated tools that do simple form posts with fixed/well known fields.
Some automated tools would get a little smarter and start parsing the page to grab the randomized IDs. These could be defeated by randomly changing the order of the fields on the page. A small javascript file would get loaded (created on the fly by the server given the form's random ID) which would re-arrange the form's fields, and add the field's titles, on the fly. This way an automated tool couldn't just parse titles or look at field position to guess what the form really is.
If vBulletin was written in ASP.NET, I'd take a stab at it. But I'm a complete noob at PHP so it's not something I could pull off easily. But surely someone else could...? :)