How do I protect forms from file inclusion? - Developers

How do I protect forms from file inclusion?

7 replies, posted
In This Thread

Can some one tell me what these hackers are trying to do to this form? Here's the form fields: [code]Name Email Phone Description Photo 1 Photo 2 Photo 3 Submit[/code] Can someone help us figure out what they are trying to do and how to stop them? The remote file inclusions have been denied, all only attempted but Id like to stop this as soon as possible. [code]Remote file inclusion attempted. Debug information URI: &Name=Online catalogs sellers of viagra and cialis in the usa&Email=mkpvfzootr@crpomi.com&Phone=Cialis prescription&Description=gufudx/bvejpqfsdfqujpo/dpn, <a href="http://portlandesto.org/">Cialis coupon</a>, CEOMYbY, [url=http://portlandesto.org/]Cialis dosage[/url], fNvmLuw, [url]http://portlandesto.org/[/url] Cialis, pyesEcj.&Photo1=&Photo2=&Photo3=&chrono_verification=Cialis prescription&submit=Send Request&CustomCables=Custom Cable Form&4c83185ef4199f745d8ffd81b2df0faf=1 Match: =http://portlandesto.org/]Cialis dosage[/url], fNvmLuw, [url]http://portlandesto.org/[/url] Cialis, pyesEcj.&Photo1=&Photo2=&Photo3=&chrono_verification=Cialis prescription&submit=Send Request&CustomCables=Custom Cable Form&4c83185ef4199f745d8ffd81b2df0faf=1[/code]

[QUOTE=JadestoneX;40528043] [B]Can someone help us figure out what they are trying to do[/B] and how to stop them? The remote file inclusions have been denied, all only attempted but Id like to stop this as soon as possible. [/QUOTE] If you read closer you can see what they're trying to do, advertise Viagra. :v:

Not only that though, Random others have been tried different kinds of advertisements.

[QUOTE=JadestoneX;40549067]Not only that though, Random others have been tried different kinds of advertisements.[/QUOTE] It's not hackers. It's spambots.

[QUOTE=P1raten;40549422]It's not hackers. It's spambots.[/QUOTE] How do i protect from this.

Add various protection elements, such as a captcha of some sort, or question-based verification, or a honeypot verification.

[QUOTE=AndrewPH;40555285]Add various protection elements, such as a captcha of some sort, or question-based verification, or a honeypot verification.[/QUOTE] Thank you.

This is just spam, not an exploit.

Sorry, you need to Log In to post a reply to this thread.