
Author PHP contact form
Jez

2006-11-19, 7:55 pm

My PHP contact form has been compromised. Someone has managed to send
out spam from it. I know because I get the confirmations each time. Is
there anything I can do about it?

Thanks,

Jez.
F. Lopez

2006-11-19, 7:55 pm


"Jez" <j.ez@virgin.net> wrote:

> My PHP contact form has been compromised. Someone has managed to send out
> spam from it. I know because I get the confirmations each time. Is there
> anything I can do about it?
>
> Thanks,
>
> Jez.


Hi, something similar happened to one of my websites some days ago; hackers
are bad. Taking it easy, I started to block and eliminate the trojan,
debugging it locally and remotely, then asking my provider to install
full-protection antivirus server-side. I overcame the mess that way. Good
luck. Bye.


Karl Groves

2006-11-19, 7:55 pm

Jez <j.ez@virgin.net> wrote in news:4rll5hFs305hU1@mid.individual.net:

> My PHP contact form has been compromised. Someone has managed to send
> out spam from it. I know because I get the confirmations each time. Is
> there anything I can do about it?
>


Use a better contact form.

Review this document http://www.securephpwiki.com/index.php/Email_Injection



--
Karl Groves
www.karlcore.com
William Tasso

2006-11-19, 7:57 pm

Fleeing from the madness of the jungle
Jez <j.ez@virgin.net> stumbled into news:alt.www.webmaster
and said:

> My PHP contact form has been compromised. Someone has managed to send
> out spam from it. I know because I get the confirmations each time.


first off, can you tell whether it's just your form or the server that has
the weakness?

> Is there anything I can do about it?


Sure, assuming it's the form (or more likely the form processing script),
pull it apart line by line and identify the error - then fix it.

Alternatively, if script debugging ain't your thing, find another
form/script.

In the meantime, I think you should probably disable the functionality
before your IP gets onto too many block-lists.

--
William Tasso

http://williamtasso.com/words/what-is-usenet.asp
I Hate Stock Spams

2006-11-19, 7:57 pm

> My PHP contact form has been compromised. Someone has managed to send
> out spam from it. I know because I get the confirmations each time. Is
> there anything I can do about it?


Here is something you might or might not find useful from a post I executed a couple of
months ago:

> Some good (and a lot of vulnerable) PHP and PERL solutions are out there.
> I prefer the nms form at http://nms-cgi.sourceforge.net/ because it is
> configurable yet can be kept safe and the instructions are very straightforward.
> The ostermiller form (http://ostermiller.org/contactform/) also works with little
> chance of being cracked and he has a list of other secure forms on that web page.
>


Probably very much applicable to your case:

> Some more technical information is on Damon Kohler's wiki at
> http://www.securephpwiki.com/index.php/Email_Injection. Even if you are not too
> technical, it is worth a read to see what you are up against.






Jez

2006-11-19, 7:57 pm

William Tasso wrote:
> Fleeing from the madness of the jungle
> Jez <j.ez@virgin.net> stumbled into news:alt.www.webmaster
> and said:
>
>
>
> first off, can you tell whether it's just your form or the server that
> has the weakness?


I have no idea. How would I tell? The form in question is located at
http://www.rusticstone.net/contact.php

>
>
>
> Sure, assuming it's the form (or more likely the form processing
> script), pull it apart line by line and identify the error - then fix it.


Hmm, that's not all that likely to happen. I am the equivalent of a
caveman when it comes to code like that. Probably a slightly backward
caveman.

>
> Alternatively, if script debugging ain't your thing, find another
> form/script.


That's a bit more possible. I will see what I can find and modify.

>
> In the meantime, I think you should probably disable the functionality
> before your IP gets onto too many block-lists.


Will do.

Thanks William.

Jez.
Jez

2006-11-19, 7:57 pm

I Hate Stock Spams wrote:
>
>
> Here is something you might or might not find useful from a post I executed a couple of
> months ago:
>
>


Thanks, I will take a good look at those tomorrow.

Jez.
Jez

2006-11-19, 7:57 pm

Karl Groves wrote:

> Jez <j.ez@virgin.net> wrote in news:4rll5hFs305hU1@mid.individual.net:
>
>
>
>
> Use a better contact form.
>
> Review this document http://www.securephpwiki.com/index.php/Email_Injection
>
>
>

I read it. I now understand the problem. Now I just have to fix it!

Thanks.

Jez.
Mark Goodge

2006-11-19, 7:57 pm

On Sun, 12 Nov 2006 11:09:53 +0000, Jez put finger to keyboard and
typed:

>William Tasso wrote:
>
>I have no idea. How would I tell? The form in question is located at
>http://www.rusticstone.net/contact.php


Look at the code. If you're not sufficiently familiar with PHP to tell
whether it's insecure or not, then post the code here so that other
people can have a look.

Mark
--
Visit: http://www.ukcommunityradio.info - Community Radio in the UK
"A singing bird in an open cage who will only fly, only fly for freedom"
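
What to check for when reading a form-processing script for the email injection problem linked earlier in the thread, as an added example that is not code from this thread or from any poster's form: every submitted value that reaches a mail header must be a single line, and the recipient must be fixed in the script. The function name `build_contact_mail`, the constant `CONTACT_TO`, the field names and all addresses are hypothetical.

```php
<?php
// Added example: hypothetical handler, not the form discussed in this thread.
// The recipient is fixed here and never taken from the request.
const CONTACT_TO = 'owner@example.com'; // placeholder address

/**
 * Returns [to, subject, body, headers] ready for mail(), or null when a
 * single-line field contains CR, LF or NUL, a required field is empty,
 * or the sender address is not one valid address.
 */
function build_contact_mail(array $post): ?array
{
    $name    = trim((string)($post['name'] ?? ''));
    $email   = trim((string)($post['email'] ?? ''));
    $subject = trim((string)($post['subject'] ?? ''));
    $message = (string)($post['message'] ?? '');

    // Single-line fields: a line break inside a value that is placed in a
    // header would start a new header line, so reject instead of cleaning.
    foreach ([$name, $email, $subject] as $field) {
        if (preg_match('/[\r\n\x00]/', $field)) {
            return null;
        }
    }
    if ($name === '' || $message === '' ||
        filter_var($email, FILTER_VALIDATE_EMAIL) === false) {
        return null;
    }

    // The visitor's address goes in Reply-To only; From stays a site address.
    $headers = "From: Contact form <" . CONTACT_TO . ">\r\n"
             . "Reply-To: " . $email . "\r\n"
             . "Content-Type: text/plain; charset=UTF-8";
    $body = "From: $name <$email>\n\n" . $message;

    return [CONTACT_TO, 'Contact form: ' . $subject, $body, $headers];
}

// Constructed sample submissions: one ordinary, one with an extra header line.
$samples = [
    'normal'   => ['name' => 'Ann', 'email' => 'ann@example.org',
                   'subject' => 'Quote', 'message' => "Hello,\nplease call me."],
    'injected' => ['name' => 'Ann', 'subject' => 'Quote', 'message' => 'Hello',
                   'email' => "ann@example.org\r\nBcc: list@example.net"],
];
foreach ($samples as $label => $post) {
    $mail = build_contact_mail($post);
    echo $label, ': ', $mail === null ? 'rejected' : 'accepted', "\n";
    // On 'accepted' a real handler would then call mail(...$mail).
}
```

A script that instead concatenates `$_POST` values straight into the headers or recipient argument of `mail()` is the pattern to look for when reviewing an existing form.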
Copyright 2003 - 2008 forum4designers.com