General Discussions

**Hudba** · 03-26-2006, 11:26 PM

First of all I'm pretty much a newbie when it comes to website design so any help is greatly appreciated.

A couple of months ago I made a new website that handles with local politics here in North Carolina, USA. I'm sure there's some things on there that certain people don't agree with.
The site is hosted by GoDaddy on a Windows based server.
On the site are some forms that people can fill out to contact us, sign up for a newsletter or sign up to volunteer. These forms are handled by an ASP script that runs on the server.
All this script does is send me an email with the information that someone has entered into the forms.
For the last few days now I've been getting about 10 emails a day with information that does not make sense. It always has to do with someone signing up to get our newsletter, but instead of getting a regular name and email address I get something like hand1234 as a name and hand1234@(my website URL) as an email address.
When I look up in the server logs where those postings originate from i get some IP address in either Uruguay or The Netherlands!
An example out of my logs: 2006-03-25 05:20:29 W3SVC2245 POST /gdform.asp - 80 213.60.82.31 - (My website URL) 302 1748 1069

My question is: Is someone using my website for maplpractice? or is someone "sniffing" out the site to prepare for some kind of attack?

I get less than 10 of those mails a day for now, so I'm not too worried yet. I'm just affraid someone is preparing for something worse..like a Denial Of Service attack.

Thank you in advance for any help!

**Village Idiot** · 03-27-2006, 12:00 AM

that sounds something closer to a script error

**Hudba** · 03-27-2006, 12:13 AM

I've only had this problem for the last few days though.
I've had at least 20 "normal" people sign up for the newsletter in the past 2 months.
So I don't see why a script could all of a sudden change itself and start producing these errors. Especially if that script is a general ASP script made by Godaddy itself.

**Village Idiot** · 03-27-2006, 12:38 AM

I see, I doubt it is an attack.

**anno_domaini** · 03-27-2006, 09:16 AM

Quote:

Originally Posted by Hudba

I've only had this problem for the last few days though.
I've had at least 20 "normal" people sign up for the newsletter in the past 2 months.
So I don't see why a script could all of a sudden change itself and start producing these errors. Especially if that script is a general ASP script made by Godaddy itself.

Have your tried signing up to your newsletter yourself (with an email address you use yourself) to see if that would also result into a 'scrambled'/weird name and email address?

**Hudba** · 03-27-2006, 12:29 PM

I just tried subscribing to the newsletter myself and that worked just fine..nothing "scrambled".
That would make sense because before all this i was getting 2 or 3 subscriptions a week..not 10 a day.
I haven't had any problems in the last 24 hours by the way.

**Christopher** · 03-27-2006, 04:14 PM

What kind of script is it? Does the contact form send you an email based on a hidden form field, for example? (Thus, the end user could change the "to" address and use your form to spam)

And it could just be typical bots. On my blog, for example, I used to get countless gibberish comments. And spam bots using the "contact us" form on vBulletin sites sometimes get abused to send spam (I got one just today, actually). Try adding an image verification box to your forms or some other CAPTCHA technique.

**Hudba** · 03-27-2006, 06:35 PM

I just got a reply from the GoDaddy abuse dept. that basically tells Me to solve the problem myself:

"Dear Sir/Madam,

Thank you for contacting Customer Support.

More than likely it is just a spammer. We can do nothing regarding people filling out your forms with bogus information. It is my suggestion to make people sign up and have to use a username/password to login prior to being able to submite a form request. Even then, people can still sign up with bogus information.

Trenton B.
Customer Service"

The solution he gives me of having to have people "join" my site with a password before they could then sign up for a newsletter I think is ridiculous.
The suggestion of Chroder regarding the image verification box on the other hand i find to be a very good idea. Now i just have to figure out how to do that.

I will also attach the ASP script the forms on my site use so you guys can check that out.

Thanks for all the help so far, you guys are grrrreat!

**CasaPages** · 03-30-2006, 01:20 PM

Image verification and email verification will work best...that way you know the email address is correct...