How to effectively prevent spam messages and spam comments on websites (message boards)? This article provides detailed solution ideas and implementation steps. Friends who need to know more can refer to the following
1. On the form filling page: <input type="hidden" value="<%=Now()%>">
On the submission processing page, set the submission time
Copy the code code as follows:
If DateDiff("s",request.form("intime1"), Now()) < 5 then
response.write "<SCRIPT language=JavaScript>alert('Your message speed is too fast, it is forbidden to leave messages!');"
response.write "this.location.href='vbscript:history.back()';</SCRIPT>"
response.end
end if
2. Verification code
Copy the code code as follows:
yz=cstr(request.Form("yz"))
yz1=cstr(session("yz1"))
if yz1<>yz then
Response.Write("<script language=javascript>alert('Please enter the verification code correctly!');</script>")
response.redirect("sign.asp")
end if
3. Determine the origin
Copy the code code as follows:
server_v1=Cstr(Request.ServerVariables("HTTP_REFERER"))
'Response.Write(server_v1)
server_v2=Cstr(Request.ServerVariables("SERVER_NAME"))
'Response.Write(server_v2)
if mid(server_v1,8,len(server_v2))<>server_v2 then
Response.Write("<script language=javascript>alert('External submission of data is prohibited!');</script>")
response.end
end if
4. Set the number of daily submissions
Copy the code code as follows:
'When the user submits once
if request.cookies("postnum")="" then
response.cookies("postnum")=1
response.cookies("postnum").expires=DateAdd("h", 24, Now())
else
response.cookies("postnum")=request.cookies("postnum")+1
end if
if request.cookies("postnum") > 3 then
response.write "<SCRIPT language=JavaScript>alert('The number of messages today has exceeded the limit, messages are prohibited!');"
response.write "this.location.href='vbscript:history.back()';</SCRIPT>"
response.end
end if
5. Ban IP
Copy the code code as follows:
server_ip=Cstr(Request.ServerVariables("REMOTE_ADDR"))
if right(server_ip,8) = "194.165." then
response.write "Overlapping submissions 194.165 are prohibited."
response.End()
end if
1. Determine whether the released information has a reliable source. As long as it is posted by a natural person, it must have come through the submission page we provide to users, and there must be a source; if it is posted by a machine, there will be no source information.
'Determine the origin and prohibit external submissions
Copy the code code as follows:
dim server_v1,server_v2
server_v1=Cstr(Request.ServerVariables("HTTP_REFERER"))
server_v2=Cstr(Request.ServerVariables("SERVER_NAME"))
if server_v1="" or instr(server_v1,"/add.asp")<=0 or mid(server_v1,8,len(server_v2))<>server_v2 then
response.write "<SCRIPT language=JavaScript>alert('Illegal source, external submission prohibited!');"
response.write "this.location.href='vbscript:history.back()';</SCRIPT>"
response.end
end if
Note that /add.asp above is the source page of the submission page. Of course, the machine can also forge the origin, which needs to be dealt with in combination with the following methods.
2. Verification code. Verification codes have always been a viable method to deal with machine spam messages. Different verification codes have different abilities to deal with machine messages. The more complex the verification code, the harder it is for machines to crack. This requires choosing a balance between considering the user's feelings and dealing with the machine. I won’t say much about how to use the verification code. Searching on Google and Baidu will bring up many introductions.
3. Determine the time of source submission. If the time spent on the submission page is too short, such as 20 seconds, generally as long as it is an individual, his typing time does not need to be this short. For example, when the user opens the page (such as add.asp), we record the time and add a hidden object to the form submission form, such as:
<input type="hidden" value="<%=Now()%>">
Then, when the user writes a message and submits it to the specific processing page (such as addok.asp), we get the current time and compare it with the intime1 time in add.asp. If the time difference is less than the set time, such as 20 seconds, messages are prohibited and it is determined to be a machine. The code can be written like this:
Copy the code code as follows:
If DateDiff("s",request.form("intime1"), Now()) < 20 then
response.write "<SCRIPT language=JavaScript>alert('Your message speed is too fast, it is forbidden to leave messages!');"
response.write "this.location.href='vbscript:history.back()';</SCRIPT>"
response.end
end if
Through the above three methods, most of the spam comments made by robots can be blocked. If there are still a large number of comments, they are probably left by human flesh. But how do we deal with human messages? flymorn also provides methods to deal with it.
The method is very simple, which is to limit the number of comments posted by the same user by recording the user's cookies and IP. For example, within 24 hours a day, the same user is only allowed to post 5 messages. We can achieve this through the following methods.
Copy the code code as follows:
<%'When the user submits once
if request.cookies("postnum")="" then
response.cookies("postnum")=1
response.cookies("postnum").expires=DateAdd("h", 24, Now())
else
response.cookies("postnum")=request.cookies("postnum")+1
end if
if request.cookies("postnum") > 5 then
response.write "<SCRIPT language=JavaScript>alert('The number of messages today has exceeded the limit, messages are prohibited!');"
response.write "this.location.href='vbscript:history.back()';</SCRIPT>"
response.end
end if
%>
Through the above restrictions, manual posting has also been restricted to a certain extent. The above method is based on cookie judgment. Of course, users can clear COOKIES through the browser, but this makes it more difficult for them to post spam posts and raises the threshold. We can also continue to determine the IP of the publisher and achieve our goal by limiting the number of posts under the same IP. There will be no further expansion here. You can design your own method of how to determine IP to limit posting. If you have opinions or suggestions on the topics discussed in this article, please leave a comment so we can discuss it together.