View Full Version : How to prevent Guestbook being spammed

John W
16-12-2006, 08:20 AM
Hi there

I look after a website, a page of which acts as a Guestbook to allow anyone to submitt questons and or make comments on matters Club related.

In the lasdt week, Ive been Spammed by ringtones & other rubbish.

I was wondering if anyone else out there has rn into similiar problems and how they prevented thos occuring.

I dont want to start a Registration Process before submitters can make an entry as its a nuiciance to open communication and its yet another thing I need to learn, when Id really like an easy way out at present.

Presently, I use the Guestbook facility in Frontpage as the draft to make the webpage, recording direct to the Guestbook, as well as sending me an email alerting me thers ben an entry and its contents.

Comments welcome please.

John in Mosgiel.

16-12-2006, 08:33 AM
Ban anyone who spams it, and post a reminder in the guestbook.

16-12-2006, 09:32 AM
It's a really common thing that you'll have to accept. The only precautions you can take are noting the IP address of the spammer, and if it's the same more than once ban it.

John W
16-12-2006, 11:03 AM
Thanks for the replies.

assuming the IP address remain constant, where/how do I go about preventing IP address from posting to a site.

And onother thing, IP address never remain static for long, so this is unlikely to work.

Comments please.


16-12-2006, 11:13 AM
You would need to look at the Admin panel of the guestbook - assuming it has that function, If you have a simple/free guestbook you might not have that option.

Alot of sites are now making people enter codes before they do something(like when your signing up to a serivce you have to enter a 6 digit number), if you could find a guestbook that does this it would mean that the autobot spammers will not beable to get it.

Or you could just make people log in before accessing the book - i dont think frontpage can do this but any online guestbook script should allow this.

16-12-2006, 11:27 AM
You need to advise what version of guestbook you use. The few I've run have the IP displayed when you're logged in as admin.

The reason for banning an IP is that if it's the same more than once it suggests that the spammer has a static (fixed) IP - it's not all that uncommon.

Having said that though, it's kinda unlikely that a spammer will be using their own or a fixed IP.

Generally you'll just need to monitor the site for spam and delete them on a daily basis. The chore kinda comes with the territory when managing online forums, guestbooks etc.

John W
16-12-2006, 12:11 PM
Thanks for all your comments.

I will keep them in mind and see how we go.


16-12-2006, 06:25 PM
Well if it is automated spammers then using a CAPTCHA device will stop them from posting as it requires a user to enter a eg. 4 letter code before submitting. Also you can ban IP addresses using .htaccess

Order allow,deny
Allow from all
Deny from
Deny from
Deny from

You can even block whole countries if you wish :)

16-12-2006, 08:32 PM
Any idea if it's people or bots spamming it? An image that they have to enter might help (like is used in most registrations these days). Just a simple short one that won't be much of an inconvenience but will screw bots over.

Assuming they're free and easy to implement.

John W
17-12-2006, 10:20 PM
Well hers the latest, received today...
How do I tell if its human or Bot generated?

Username: cialis
Remote Name:
Remote User:
Date: 17 Dec 2006
Time: 15:27:31


[edit: urls removed - really no need to add to the links pointing to a website where you can buy certain um, performance enhancing drugs]

18-12-2006, 08:26 AM
Hard to say with certainty, but in all probibility it's a spam bot. The IP address is a known and prolific spam source.

From Spamhaus:

Ref: SBL48749 is listed on the Spamhaus Block List (SBL)

04-Dec-2006 22:16 GMT | SR08

form/blog spam source is a massive source of form/blog spam sent via http.
Part of this form spam is converted into mail spam getting into the
mailboxes of web site administrators and contact addresses.

Likely an open http proxy.

18-12-2006, 11:28 AM
Hi John

Personally i would recommend ditching the frontpage based guestbook

But if you insist on using it then have a read of this

Have a look at this (http://forums.webworkshop.org/showthread.php?t=2025&highlight=guestbook+spam)

Also there is a solution mentioned here (http://www.expression-web-designer-help.com/forum/forum_posts.asp?TID=27&PN=2)

example using the mentioned script (http://www.angelwingnursery.com/messages.htm)

20-12-2006, 12:43 PM
I think it's unpreventable because a few days ago i found such "guestbook" hack on the net.

Graham L
20-12-2006, 03:04 PM
The only way to "prevent Guestbook being spammed" is the simple one. Don't have a Guestbook. :D Or else have a web site ona host which isn't connected to the Internet. :thumbs:

PressF1 requires registration before anything can be posted. PressF1 fairly often gets postings from determined spammers. That makes unnecessary work for the moderators, and I doubt if it gets any sales for the perpetrators.