Frage
I've got a website in which there is a simple "Newsletter" signup form. The form is setup via a Wordpress plugin called "Contact Form 7". When the form is submitted, I get an e-mail of the persons name and their e-mail address rather than sticking it in a database (as the client has requested). All of the form submission code is written in PHP.
There's an issue with spam (always 5 e-mails at a time and 4 days apart) in which random-character names are input with legitimate e-mail addresses.
However, the bit that's getting me is that these bots aren't submitting from the form on the actual website.. they're somehow bypassing it and submitting elsewhere. When a form is submitted via the website, I am e-mailed debugging information regarding the submission. With these bot/spam submissions, there is no debug information e-mailed to me.
I cannot figure out how they are managing this. My first thought was that they were accessing the scripts/PHP files directly, so I blocked direct access to the entire contact form root.. but I am still getting the spam.
Any suggestions?
Lösung
We managed to find where the e-mail was coming from via the logs.
It was coming from an old instance of the website via our previous web hoster (where the site was before we moved it). We have simply deleted that instance.
All should be well!
Thanks for the help, guys.
https://stackoverflow.com/questions/19360984
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
Russian