Freepages-Help-L Archives

Archiver > Freepages-Help > 2008-08 > 1218709558


From: Barry Carlson <>
Subject: Re: [FreeHelp] Guestbook - s.p.a.m
Date: Thu, 14 Aug 2008 22:25:58 +1200
References: <48A3FF82.4010508@rprobert.co.uk>


Rosemary <> wrote
On Thursday, August 14, 2008 9:48 PM (UTC+12)

> I am having serious problems with our guestbook. Over the past couple
> of weeks we have been deluged with s.p.a.m.
>
> A couple of days ago, I removed the form for the guestbook from the
> website, because I couldn't think of anything else to do!
> http://www.rootsweb.ancestry.com/~engcbanb/common/gbook.htm
>
> But it has made no difference!
>
> This morning there are over 15 unwanted messages
>
> http://resources.rootsweb.ancestry.com/~guestbook/cgi-bin/public_guestbook.cgi?gb=5547&action=view
>
> Any suggestions anyone?
---------------------
Hi Rosemary

Because the Rootsweb guestbook script doesn't check the referer URL when the
Guestbook form is submitted, it is possible for anyone to sit at a computer
and target your GB number. There is a Captcha password page that would
normally prevent robots from getting to the GB, but if the spammers are
prepared to pay for someone to enter the Captcha password, that protection
is lost.

If you check your GB, you will find that I have accessed it even though you
have taken it down.

So essentially there is nothing that can be done.

Barry


This thread: