Web Form Spam

Report · Jul 22, 2013

I continue to have major issues with form spam on client sites. It appears the forms are being submitted with a URL inserted in the comments field. I've implemented captcha and recaptcha, yet the rate of spam submissions has not declined. I've contacted the BC help desk and they're not very helpful. Can anyone recommend any other solutions? 1) Remove the comments field so a URL cannot be submitted with the form? 2) Use the BC askimet for forms? (does it work or just overload the client with other duties?) 3) Use javascript to validate the comments field and prevent URLs form being submitted in this field? Is this even possible? Any help with other possible approaches would be appreciated. Thanks!

Report · Jul 22, 2013

Be sure to double check that your webform markup contains a captcha or recaptcha module and also the {module_ccsecurity} module. But, you'll also need to make sure that these modules are on your form in the BC Admin area where you setup your form. If you just include these modules manually into your form html on your site they won't work correctly. They need to also be in your webform in the BC Admin area. Make sure they are in both places.

BC's Akismet integration only works with the comments module I believe so if your web form is not an actual comments module then you cannot use the akismet service at this time for your web form.

There is a harder to read verstion of the {module_captchav2} that might help. It doesn't require changing any code on your web forms HTML or updating/adding modules to your web forms in the BC Admin... you just need to activate it by going to Site Settings > Captcha in the BC admin and choosing the more hard to read captcha version.

Report · Jul 22, 2013

Trickster, Thanks for your suggestions. I did not have the {module_ccsecurity} or {module_captchav2} in the web form admin area, but they were in the form code on the actual page. I did not realize they had to be in both places. BC support has never mentioned that requirement. If that's the case, you may have solved by problems! How did you determine that? If they aren't in both places, do they just not work? Thanks!

Report · Jul 22, 2013

I believe so-- that's what I read in some threads recently on this subject. I just enacted this same fix for a client the other day- I;ll check to see if it has had an impact so far... it's been a few days since we tried to fix our spam issues.

Don't get too excited. I'm not 100% on this-- but I'm hoping that it works for you.

Report · Jul 22, 2013

Why I insert as a module on a page. You only have to edit it once.

Report · Jul 30, 2013

Which is wrapped in a table and 9/10 without hacky CSS, looks terrible

Report · Jul 30, 2013

Not if you edit the html code as you can freely do (as I do). I never leave it as tables.

Report · Jul 30, 2013

But then what's the point of putting it in as a module?

Report · Jul 30, 2013

If you add a form to a page as html. And then you edit or change the form with new fields etc, How do you update the form and what steps?

What if you have that form in more then one location and then also wish to update it?

Both these cases and a few others I see on the forums countless times where people change html, add fields to pages and nothing works, or the other way around.

Module in a template, one layout to edit, local copy - Fast form building, one location only to worry about, simple multiple use.

Report · Jul 30, 2013

I just built a firewall that blocks form spam, botnets, blocks out of country IP's, and checks IP's against a bunch of different known spammer and hacker databases. We are beta testing it now if you wanted to try it and give us some feedback from people having bad issues with form spam. The worse the better so we can continue to make improvements. We can set it up for you for free in a matter of minutes. I have a couple of clients testing it who were getting hit with fake client profiles about 800 times a day and reduced it no zero so far. Shoot me an email at jared@ilockout.com if you want to test it our for us.

Report · Jul 30, 2013

Does it integrate with BC web forms?

Report · Jul 30, 2013

It should work with any CMS it just goes in the top index page. Can you

send me a link to the site you want to add it to and ill just double

check for you?

Report · Jul 30, 2013

As I'm sure you're aware Business Catalyst hosting is a SaaS so we don't have access to the server-side scripting language to do lots of custom stuff-- here's an example BC form: http://www.chrismatthias.com/contact-chris

Report · Jul 30, 2013

Shoot without having access to the scripting language it wont work... Do

you have any kind of FTP access to take a look?

Report · Jul 30, 2013

Like Trickster said, You wont get that to work.

For a start it is not PHP if that is what you have done that in.

Secondly any javascript method will not work - its Javascript.

Thirdly as Trickster said you do not have access to the server side code which is .NET based system.

Adobe Community

Web Form Spam

1 Correct answer