{"id":14,"date":"2010-07-23T05:34:30","date_gmt":"2010-07-23T05:34:30","guid":{"rendered":"http:\/\/localhost\/test\/page\/blog\/?p=14"},"modified":"2015-10-07T15:56:21","modified_gmt":"2015-10-07T10:26:21","slug":"control-spam-from-forms","status":"publish","type":"post","link":"https:\/\/www.create-dynamic.com\/blog\/14\/phptags\/control-spam-from-forms\/","title":{"rendered":"Control Spam from Forms, Control form spams"},"content":{"rendered":"<p>This page explains how to build forms with spam protection.<br \/>\nToday there are many bots and hackers, so we have to protect the site from them as much as possible.<br \/>\nListed here are a few of the best techniques to protect your site from spam and bots.<\/p>\n<p>Why do we use all these techniques?<br \/>\nMany automated form-filling tools are now available online. Once plugged into the browser, they can automatically fill in the information and submit it. This ruins our database, and the entries take time to delete, so it leads to problems.<\/p>\n<p>There are also many programmers and black hat hackers now. They can write programs for a specific application that perform automated tasks.<br \/>\n<strong>Method 1<\/strong><\/p>\n<h3>Captcha<\/h3>\n<p>A CAPTCHA (\"Completely Automated Public Turing test to tell Computers and Humans Apart\") is the best method to reduce spam.<\/p>\n<p><strong>Method 2<\/strong><\/p>\n<h3>By Hidden Fields<\/h3>\n<p>Robots try to fill in every form field, so they may also fill in the hidden or invisible fields, which users normally cannot do.<br \/>\nIt is possible for users to change the default value of anything hidden in a page. I will show you later.<\/p>\n<p>Add a hidden field like one of those below:<\/p>\n<div class=\"div_code\">\n<pre><code class=\"php\">&lt;input type=\"hidden\" name=\"sites\" value=\"\"\/&gt;\r\nOR\r\n&lt;span style=\"display:none\"&gt;&lt;input type=\"text\" name=\"check\" 
value=\"\" \/&gt;&lt;\/span&gt;<\/code><\/pre>\n<\/div>\n<p>Humans normally cannot see the hidden text box.<br \/>\nSo when the form is submitted, you can check the hidden field as below.<\/p>\n<div class=\"div_code\">\n<pre><code class=\"php\">if (isset($_POST['sites']) &amp;&amp; trim($_POST['sites']) == '') {\r\n\/\/ Hidden field is still empty: do something (for example, save the submission).\r\n} else {\r\n\/\/ Hidden field is missing or was filled in: pass this to the error or thank-you page.\r\n}<\/code><\/pre>\n<\/div>\n<p>By checking that the above field is empty, we confirm that the sender is a human, and then save the application or do something else.<br \/>\n<!--more--><br \/>\n<strong>Method 3<\/strong><\/p>\n<h3>By Dynamically Varying Field Names<\/h3>\n<p>This can greatly reduce spam. I will now demonstrate how to do it.<br \/>\n<em><strong>Create a file named file1.php<\/strong><\/em><br \/>\nCopy the snippet below and paste it into your file.<\/p>\n<div class=\"div_code\">\n<pre><code class=\"php\">&lt;?php\r\nsession_start();\r\n\/\/ Random 128-bit suffix per field so the name cannot be guessed (random_bytes() needs PHP 7+).\r\n$_SESSION['txt']['fname'] = 'fname' . bin2hex(random_bytes(16));\r\n$_SESSION['txt']['lname'] = 'lname' . bin2hex(random_bytes(16));\r\n?&gt;\r\n&lt;form action=\"page2.php\" method=\"post\" name=\"dynamicfields_name\"&gt;\r\n&lt;div&gt;First Name&lt;\/div&gt;&lt;div&gt;&lt;input type=\"text\" name=\"&lt;?php echo $_SESSION['txt']['fname'];?&gt;\" id=\"fname\" value=\"\"\/&gt;&lt;\/div&gt;\r\n&lt;div&gt;Last Name&lt;\/div&gt;&lt;div&gt;&lt;input type=\"text\" name=\"&lt;?php echo $_SESSION['txt']['lname'];?&gt;\" id=\"lname\" value=\"\"\/&gt;&lt;\/div&gt;&lt;h4&gt;&lt;\/h4&gt;\r\n&lt;div&gt;&lt;input type=\"submit\" value=\"Submit\"\/&gt;&lt;\/div&gt;\r\n&lt;\/form&gt;<\/code><\/pre>\n<\/div>\n<p>The browser output would look like this. The suffix is randomly generated. 
So we cannot predict it, and so it is secure now.<\/p>\n<div class=\"div_code\">\n<pre><code class=\"html\">&lt;input type=\"text\" name=\"fname3ef815416f775098fe977004015c6193\" value=\"\" \/&gt;<\/code><\/pre>\n<\/div>\n<p><em><strong>Create an action page such as page2.php<\/strong><\/em><br \/>\nCopy the snippet below and paste it into your file.<\/p>\n<div class=\"div_code\">\n<pre><code class=\"php\">&lt;?php\r\nsession_start();\r\n\/\/ Map each random field name stored in the session back to its known key.\r\nif (!empty($_SESSION['txt'])) {\r\nforeach ($_SESSION['txt'] as $key =&gt; $value) {\r\n\/\/ $key is the known name (fname, lname); $value is the random field name.\r\n$$key = (isset($_POST[$value]) &amp;&amp; is_string($_POST[$value])) ? trim($_POST[$value]) : '';\r\n}\r\n}\r\n?&gt;<\/code><\/pre>\n<\/div>\n<p>Now $fname holds the value posted in the randomly named text box. The name of the input cannot be predicted, so we initially store the random field names in the session under known keys.<\/p>\n<p>Every browser refresh saves new random field names under session keys such as fname and lname.<\/p>\n<p>Now we have a session array whose keys are the actual field names and whose values are the dynamic field names.<br \/>\nIn the foreach loop, the value is the random field name and the key is the actual field name.<\/p>\n<div class=\"div_code\">\n<pre><code class=\"php\">\/\/ Creates $fname and $lname from the randomly named POST fields.\r\nforeach ($_SESSION['txt'] as $key =&gt; $value) {\r\n$$key = trim($_POST[$value]);\r\n}\r\n\/\/echo $fname;\r\n\/\/echo $lname;\r\n<\/code><\/pre>\n<\/div>\n<p><strong>Method 4<\/strong><\/p>\n<h3>IP Restriction<\/h3>\n<p>Restrict spam IP addresses to protect your site.<\/p>\n<div class=\"div_code\">\n<pre><code class=\"php\">1.) Some web services provide lists of spam IPs, which you can use to stop spammers from posting. These web services also return a country code, so you can ban or allow a country.\r\n2.) Store the spam IPs in your database and stop them from posting.\r\n3.) Not everyone in the world has a static IP address. Some small companies and individuals have a shared IP, and the IP changes daily or when the modem is restarted. So the ban may not be visible to them if you ban an IP address. 
Try to examine the IPs that spam daily, and ban them if you are unable to manage them.\r\n4.) Some web services check certain factors in posted content and return true or false, which you can store in a database or use for other purposes. Example: Akismet\r\n5.) You can block a post if it contains a link or certain headers.\r\n6.) I have experienced some problems related to search engines. Some search engines act as bots and post data continuously. This also impairs the database or files if the site is weakly coded. Not every search engine is genuine.\r\n<\/code><\/pre>\n<\/div>\n<p><strong>Using PHP:<\/strong><\/p>\n<div class=\"div_code\">\n<pre><code class=\"php\">$banip[] = 'xxx.xxx.xxx.xx1';\r\n$banip[] = 'xxx.xxx.xxx.xx2';\r\n\/\/ Reject banned addresses with a 403 status before any other output is sent.\r\nif (in_array($_SERVER['REMOTE_ADDR'], $banip, true)) {\r\nheader(\"HTTP\/1.1 403 Forbidden\");\r\ndie(\"Permission denied!\");\r\n}\r\n<\/code><\/pre>\n<\/div>\n<p><strong>Using .htaccess<\/strong><\/p>\n<div class=\"div_code\">\n<pre><code class=\"htaccess\">order allow,deny\r\ndeny from xxx.xxx.xxx.xx1\r\ndeny from xxx.xxx.xxx.xx2\r\ndeny from xxx.xxx.xxx.xx3\r\nallow from all\r\n<\/code><\/pre>\n<\/div>\n<h3>Conclusions:<\/h3>\n<p>The above methods are effective for handling spam, and it is better to use them.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Many techniques are available to secure your form. These are captcha, hidden fields, dynamically varying field names, IP restriction via htaccess, PHP, or web services, and form timeouts. 
We explain the above concepts clearly. Control form spam, control spam, restriction to robots, anti spam, dynamic varying field names to control spam<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[29,32,9,15,20,26,31,30,28,10,27],"class_list":["post-14","post","type-post","status-publish","format-standard","hentry","category-phptags","tag-add-security-to-forms","tag-anti-spam-techniques","tag-control-spam","tag-create-form-with-spam-reduction","tag-dynamic-field-names","tag-form-spam-control","tag-form-spam-protection","tag-honeypots","tag-php-form-validation","tag-restriction-to-robots","tag-spam-check"],"_links":{"self":[{"href":"https:\/\/www.create-dynamic.com\/blog\/wp-json\/wp\/v2\/posts\/14","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.create-dynamic.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.create-dynamic.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.create-dynamic.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.create-dynamic.com\/blog\/wp-json\/wp\/v2\/comments?post=14"}],"version-history":[{"count":83,"href":"https:\/\/www.create-dynamic.com\/blog\/wp-json\/wp\/v2\/posts\/14\/revisions"}],"predecessor-version":[{"id":387,"href":"https:\/\/www.create-dynamic.com\/blog\/wp-json\/wp\/v2\/posts\/14\/revisions\/387"}],"wp:attachment":[{"href":"https:\/\/www.create-dynamic.com\/blog\/wp-json\/wp\/v2\/media?parent=14"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.create-dynamic.com\/blog\/wp-json\/wp\/v2\/categories?post=14"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.create-dynamic.com\/blog\/wp-json\/wp\/v2\/tags?post=14"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}