Online contact form - how to make it secure
Moderator: General Moderators
Online contact form - how to make it secure
I'm looking for a secure online form for email, so any possible customers can email us, had huge problem recently someone targeted our online form - it didnt have captcha, in 3 minutes we got 512 spam emails. So I am looking for something that will prevent this, any suggestions, please?
- kaisellgren
- DevNet Resident
- Posts: 1675
- Joined: Sat Jan 07, 2006 5:52 am
- Location: Lahti, Finland.
Re: Online contact form - how to make it secure
Welcome to the world of spam 

There are some things you need to take care of, but do not worry, I will not give you up. (I never gonna give you up, I never gonna let you down - sorry
)
What you would need to do is to limit the number of emails that can be sent by an IP in addition to having a CAPTCHA. You decide the limit of emails - 2 emails for 6 hours? Or 3 emails per 24 hours? Basically, you log the IP address (and do not use HTTP_X_FORWARDED_FOR, use REMOTE_ADDR) and log it into the database. Prior to sending any emails, check the database for the IP.
And about the CAPTCHA, I will not provide working code for a CAPTCHA, you may want to use this http://recaptcha.net/
Once you think you are ready, show us your code and we will look at it.

There are some things you need to take care of, but do not worry, I will not give you up. (I never gonna give you up, I never gonna let you down - sorry
What you would need to do is to limit the number of emails that can be sent by an IP in addition to having a CAPTCHA. You decide the limit of emails - 2 emails for 6 hours? Or 3 emails per 24 hours? Basically, you log the IP address (and do not use HTTP_X_FORWARDED_FOR, use REMOTE_ADDR) and log it into the database. Prior to sending any emails, check the database for the IP.
And about the CAPTCHA, I will not provide working code for a CAPTCHA, you may want to use this http://recaptcha.net/
Once you think you are ready, show us your code and we will look at it.
Re: Online contact form - how to make it secure
Can someone also take a look at my post Online Contact Form Validation
Thanks
Thanks