PDA

View Full Version : Help! hundreds of SPAM emails sent from form I created...


sydesign
08-04-2014, 02:44 PM
Hello everyone, I have a situation and am not sure how to handle it.

Years ago, I was making a draft for a website and chose a random host to put it up on. The issue I'm having now is that somehow SPAM bots or something has hacked the contact form I created and I'm getting 50-100 emails daily from the contact form i created. The real issue is that I don't remember where this form is hosted and how to find it to take it down. I found the html source of the emails and where I believe it is hosted, however, I took that site down and it doesn't make sense that it would come from there.

Does anyone have any suggestions as to how I can stop the emails from coming?

Maybe a way that I can block emails coming from a specific host or IP address?

The email i am getting them sent to is a Godaddy hosted email address.

edbr
09-19-2014, 01:09 AM
you can block an IP address using .htaccess or with your mail filters on yourserver probably

queen123
03-05-2015, 09:40 AM
Im facing same problem

jmichae3
03-10-2015, 04:11 AM
Solutions you can use and combine:


captcha
email form token (a random number generated from the server and put into a hidden field for instance, can be time based) that is checked against
email address validation (at least make sure there are no CR's or LF's in it, commas, or ;'s which are used to separate addresses). make sure email address is in proper RFC2822 format. there are regexes for this, but be picky. note that foreign domains can be in UTF-8 format I think it may be your choice to reject those. avoid anything where domains are from certain countries (China (.cn), Russia for instance (.ru)) if you find you are having problems with them (a block list using php preg_match()).
do research on email form security (there are other techniques)
verify using PHP $_SERVER['DOCUMENT_ROOT'] (http://php.net/manual/en/reserved.variables.server.php) that the form actually comes from the same server. note that a problem can occur if your web site gets moved to another server - if DOCUMENT_ROOT changes and it's still the same hosting company, then you will have to monitor the form for changes and have if generate some sort of up-down status page, maybe even just turn itself off and show a blank page if $_SERVER['DOCUMENT_ROOT'] (http://php.net/manual/en/reserved.variables.server.php) has changed or send you an email *once* for each change - you would have to store the old value and the fact that you have sent the email to compare it against and update that and reset the "sent" flag after you fix the page then - in that case, you would have notification.