View Full Version : how to ban spammer

12-04-2008, 04:25 PM
Hi I really had a terrible experience in spammer, it seems that they really enjoy posting messages on my website. I have a nomination form which allow guest fill up the form im using PHP. and spammer had a lot of entry promoting their lustfull website. and it seems they live in my website, im tired of deleting their messages in my database.. I want them to ban in my website by getting their IP. Do anyone has an idea how to block this spammer, I believe they use a lot of IP.


12-04-2008, 04:33 PM
Google "captcha"

Or set it up so the comments don't go public until they are approved. If spam never gets displayed, spammer may give up (but I doubt it).

12-04-2008, 06:14 PM

$bannedIP =;

if($ip == $bannedIP){
echo "Your IP is banned!";
echo "Post a comment";
// Insert post comment here


The spammer may use multiple ip's or a dynamic IP address...
And your IP can be faked

Your best bet is a captcha

12-05-2008, 09:08 AM
I already use the captcha and so far its work great.. thanks guyz

12-05-2008, 10:24 PM
CAPTCHA is a good solution. reCAPTCHA is my favorite one:

Also you can block some harvesting bots with .htaccess (not a perfect solution but still can filter out some)

And don't forget to use the latest version of your scripts (like forum / blog) is you use any.

it career
12-06-2008, 01:50 PM
Captcha code is hacked long back , try to upgrade your forum to latest version , write/buy few mods for the forum.

12-06-2008, 04:57 PM
I am sorry but really LOL!!! The thing is that many users do not try to understand spammers and add stupid captchas and restrictions which will never reduce amount of spam ever! Instead it makes board much more difficult to use and regular, honest users will leave it forever...

To fight back spammers effectively you need probably a good IT guy... first of all you should understand why they do this, what exactly they are getting from your web site. Many users think that they are trying to put their ads on your web site but that is not true :) Some adds captchas which is very hard to read even for the humans (I am not speaking about bots)... while that method is useless against Chinese spammers :) they do everything manually :) or in other words they have hundreds of users who is ready to post messages on your board for just 5 dollars per day... As a conclusion there is not one solution for any web site; each web site need own solution...

Good luck

p.s. Case you need a help just drop me a PM

12-06-2008, 05:21 PM
Just about anything you can do to a form can be detected and bypassed. As long as the form processing code does not validate all input to detect spam content, spam content will get posted to that form processing code. The form processing code is the last link in the chain and it must be the strongest link.

BTW: The most effective CAPTCHA is one that asks a question that requires human reasoning, such as "What is the 3rd (first, 1st, second, 2nd..., second/2nd from the last/end... randomly put into the question) shape (or what is the color of the second shape...) in the following shapes [image of random shape/random color] [image of random shape/random color] [image of random shape/random color]", where the question/shapes are dynamically output on an image. Doing OCR to decode 4-6 characters in a typical "enter the characters you see" CAPTCHA is relatively easy. Getting OCR to accurately decode longer text like - "What is the 3rd shape in the following shapes" is much harder and then they must determine what the question is referring to in order to provide the answer. Don't use math questions (what is 4 + 6) or copy/paste questions (enter the 2nd word in: "CF is a programming forum"), because computers can easily parse math and find/copy/paste text all day long, that is what they do well.

12-06-2008, 07:19 PM
thanks for tip