• 03-03-2019, 06:04:03
    #1
    Alright friends, a question for you. I keep getting spam from different IPs/countries, around 30 times a day. The server's mail function is disabled, so I hooked the contact form up to SMTP, but someone has pointed a bot at the form and keeps having it submitted from various places. How can we get past this without a captcha?

    I included $_SERVER as JSON in the form, in case it gives us some ideas.
    http://prntscr.com/msgvhp


    The received form:
    Telefon:
    E-Posta: heathmarr@gmail.com
    IP Adresi: 51.15.56.18

    {"USER":"civrilpa","HOME":"/home/civrilpa","FCGI_ROLE":"RESPONDER","UNIQUE_ID":"XHhnuxkEF7UFzfemtDdoFwAAAVA","proxy-nokeepalive":"1","HTTP_HOST":"civrilpansiyon.com","HTTP_REFERER":"http://civrilpansiyon.com/","HTTP_X_FORWARDED_HOST":"civrilpansiyon.com","HTTP_X_FORWARDED_PORT":"80","HTTP_X_FORWARDED_PROTO":"http","HTTP_X_FORWARDED_SERVER":"civrilpansiyon.com","HTTP_X_REAL_IP":"51.15.56.18","CONTENT_LENGTH":"62","HTTP_USER_AGENT":"Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/44.0.2403.157 Safari/537.36","HTTP_ACCEPT_LANGUAGE":"ru-RU,ru;q=0.9,en-US;q=0.8,en;q=0.7","HTTP_ACCEPT":"text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8","HTTP_ACCEPT_CHARSET":"windows-1251,utf-8;q=0.7,*;q=0.7","CONTENT_TYPE":"application/x-www-form-urlencoded","PATH":"/usr/local/jdk/bin:/usr/kerberos/sbin:/usr/kerberos/bin:/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin:/usr/X11R6/bin:/usr/local/bin:/usr/X11R6/bin:/root/bin:/opt/bin","SERVER_SIGNATURE":"","SERVER_SOFTWARE":"Apache","SERVER_NAME":"civrilpansiyon.com","SERVER_ADDR":"*","SERVER_PORT":"80","REMOTE_ADDR":"51.15.56.18","DOCUMENT_ROOT":"/home/civrilpa/public_html","REQUEST_SCHEME":"http","CONTEXT_PREFIX":"","CONTEXT_DOCUMENT_ROOT":"/home/civrilpa/public_html","SERVER_ADMIN":"webmaster@civrilpansiyon.com","SCRIPT_FILENAME":"/home/civrilpa/public_html/form.php","REMOTE_PORT":"41038","GATEWAY_INTERFACE":"CGI/1.1","SERVER_PROTOCOL":"HTTP/1.1","REQUEST_METHOD":"POST","QUERY_STRING":"","REQUEST_URI":"/form.php","SCRIPT_NAME":"/form.php","PHP_SELF":"/form.php","REQUEST_TIME_FLOAT":1551394747.4297,"REQUEST_TIME":1551394747,"argv":[],"argc":0}

    {"USER":"civrilpa","HOME":"/home/civrilpa","FCGI_ROLE":"RESPONDER","UNIQUE_ID":"XHhpFyKIMuUM8ChUMLzFxwAAAFg","proxy-nokeepalive":"1","HTTP_HOST":"civrilpansiyon.com","HTTP_REFERER":"http://civrilpansiyon.com/","HTTP_X_FORWARDED_HOST":"civrilpansiyon.com","HTTP_X_FORWARDED_PORT":"80","HTTP_X_FORWARDED_PROTO":"http","HTTP_X_FORWARDED_SERVER":"civrilpansiyon.com","HTTP_X_REAL_IP":"51.15.106.67","CONTENT_LENGTH":"72","HTTP_USER_AGENT":"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/65.0.3325.181 Safari/537.36","HTTP_ACCEPT_LANGUAGE":"ru-RU,ru;q=0.9,en-US;q=0.8,en;q=0.7","HTTP_ACCEPT":"text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8","HTTP_ACCEPT_CHARSET":"windows-1251,utf-8;q=0.7,*;q=0.7","CONTENT_TYPE":"application/x-www-form-urlencoded","PATH":"/usr/local/jdk/bin:/usr/kerberos/sbin:/usr/kerberos/bin:/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin:/usr/X11R6/bin:/usr/local/bin:/usr/X11R6/bin:/root/bin:/opt/bin","SERVER_SIGNATURE":"","SERVER_SOFTWARE":"Apache","SERVER_NAME":"civrilpansiyon.com","SERVER_ADDR":"*","SERVER_PORT":"80","REMOTE_ADDR":"51.15.106.67","DOCUMENT_ROOT":"/home/civrilpa/public_html","REQUEST_SCHEME":"http","CONTEXT_PREFIX":"","CONTEXT_DOCUMENT_ROOT":"/home/civrilpa/public_html","SERVER_ADMIN":"webmaster@civrilpansiyon.com","SCRIPT_FILENAME":"/home/civrilpa/public_html/form.php","REMOTE_PORT":"41594","GATEWAY_INTERFACE":"CGI/1.1","SERVER_PROTOCOL":"HTTP/1.1","REQUEST_METHOD":"POST","QUERY_STRING":"","REQUEST_URI":"/form.php","SCRIPT_NAME":"/form.php","PHP_SELF":"/form.php","REQUEST_TIME_FLOAT":1551395095.7715,"REQUEST_TIME":1551395095,"argv":[],"argc":0}
  • 03-03-2019, 06:26:40
    #2
    The countermeasures depend on how determined the person on the other side is.

    Entry-level measures
    - Check how long it takes to fill in the form; if it is shorter than x seconds, don't process it.
    - Set the form elements up to be named dynamically, or have more than one mail form and show them at random.
    - Move the mail form to a separate page and put various checks on access to that page.
    - Write a Flash cookie rather than a normal cookie, check it and ban.

    Advanced measure
    - Take a fingerprint, not just the IP; compare and ban. After all, even Google does this.
    https://www.henning-tillmann.de/en/2...ns-are-unique/
    Adding this here before the private messages start coming in: at the bottom right, under the heading Download files, the files are provided, SQL and PHP.
  • 08-03-2019, 15:30:44
    #3
    You can use a CSRF token
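
    The fill-time check and dynamic field names from post #2, built on a signed form token in the spirit of post #3, as an added example that is not code from the thread or from the site's form.php. SECRET, the two thresholds, the `t` field and all function names are hypothetical, and the token here is not bound to a session.

```php
<?php
// Added example, not code from the thread. SECRET, MIN_FILL_SECONDS,
// MAX_AGE_SECONDS, the 't' field and all function names are hypothetical.
const SECRET = 'replace-with-a-long-random-server-side-secret';
const MIN_FILL_SECONDS = 4;     // the "x seconds" threshold from post #2
const MAX_AGE_SECONDS  = 3600;  // reject tokens replayed long after issue

// Issued when the form page is rendered: timestamp + nonce, HMAC-signed.
function issue_token(int $now): string {
    $payload = $now . '.' . bin2hex(random_bytes(8));
    return $payload . '.' . hash_hmac('sha256', $payload, SECRET);
}

// Per-render field name, so a bot replaying a fixed POST body misses it.
function field_name(string $token, string $logical): string {
    return 'f_' . substr(hash_hmac('sha256', $logical . '|' . $token, SECRET), 0, 12);
}

// Returns [true, fields] on success or [false, reason] on rejection.
function check_submission(array $post, int $now): array {
    $token = $post['t'] ?? '';
    $parts = is_string($token) ? explode('.', $token) : [];
    if (count($parts) !== 3 || !ctype_digit($parts[0])) {
        return [false, 'malformed token'];
    }
    [$issued, $nonce, $mac] = $parts;
    if (!hash_equals(hash_hmac('sha256', "$issued.$nonce", SECRET), $mac)) {
        return [false, 'bad signature'];
    }
    $age = $now - (int)$issued;
    if ($age < MIN_FILL_SECONDS) return [false, 'filled in too fast'];
    if ($age > MAX_AGE_SECONDS)  return [false, 'token expired'];
    $fields = [];
    foreach (['phone', 'email', 'message'] as $logical) {
        $name = field_name($token, $logical);
        if (!isset($post[$name]) || !is_string($post[$name])) {
            return [false, "missing field $logical"];
        }
        $fields[$logical] = $post[$name];
    }
    return [true, $fields];
}

// Constructed demo: one token issued at t=1000, same POST checked twice.
$t = issue_token(1000);
$post = ['t' => $t];
foreach (['phone', 'email', 'message'] as $l) { $post[field_name($t, $l)] = 'x'; }
var_dump(check_submission($post, 1001));  // submitted 1 s after render
var_dump(check_submission($post, 1030));  // submitted 30 s after render
```

    A valid token can still be resubmitted until it expires; storing used nonces server-side (for example in the session) closes that gap.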
  • 10-03-2019, 00:47:19
    #4
    Why don't you want to use a captcha?