I'm getting married! - More Details

Comment spam causing exceptions

Wednesday, December 06, 2006 10:06 PM

I recently started paying closer attention to the unhandled exceptions that are occuring on dustyd.net. My error log is FILLED with ArgumentExceptions, FormatExceptions & HttpRequestValidationExceptions, all caused by spam bots. Take for instance this one:

HttpRequestValidationException

Look closely and you'll see that it's someone trying to stick a spammy link value into a CHECKBOX! The only thing I can think of is some sort of automated spider running that just finds any and all form fields, and sticks spammy URLs into them.

Those errors are probably easy enough to fix. I'll just disable request validation, and validate the fields myself. I just find it amazing the lengths that spammers will go to. I suppose spidering blogs and inserting comments doesn't really take much effort.

Comments

Quix0r 12/7/2006 5:46:15 AM
I have experienced this yesterday evening with a contact form of my best friend. The spammer has added some spammy text into a hidden field which was my mistake to insert it. It shall contain a login ID when a customer is logged in or the word "guest" when it's a guest contacting him.

Well, he got nothing from this because the mail was sent to my friend and me but not to the BCC-ed email address. :( Now I have used mysql_real_escape_string() and some sanity checks on the submitted data... And so I hope the spam is gone. :-/


Post a comment

   
 
  
  

    

All content © Dusty Davidson