Someone mentioned that not one but two of their php-based Guest Books had been spammed by bots. I haven't gotten the details of how this was accomplished, so does anyone have any idea..? Apparently, they are porn sites and such, and they post hundreds of messages to the GB daily.
Would it be correct to assume that the bots were harvesting the URI and form field variables that passed the data to the php script to do it remotely..? If so, can this be accomplished passing the data using "get" or "post?"
Even so, wouldn't domain blocking be effective against this, or simply blocking all requests from domains outside your own, for example? Or what about converting the form field values to variables, defined in external docs, etc..?
At any rate, I'd be interested in knowing how these bots might have spammed these php scripts, if you anyone has had any experience with this, and how it might be prevented...
thanks, for any insight,