HomeDesigning Your WebsiteWebmaster's Corner

Random submissions - is it a DDoS attack?

kht posted this at 10:24 — 27th January 2009.

They have: 8 posts

Joined: Jan 2009

Hi everyone,

My website has a form submission page for volunteering and has recently been egtting errorneous submissions with the value:

gqTLq8 kpghvpcrdjiv, [url=http://cqwruudmhkrr.com/]cqwruudmhkrr[/url], [link=http://iveweqcgynal.com/]iveweqcgynal[/link], http://gqavjkmjlazw{.}com/

as the entry in any sort of text box of sufficient length, and garbled rubbish anywhere else. It is pretty obvious to me that it is some sort of bot doing this but does anybody have any idea how to sort it out? We also have a donations page which is being hit with a vast number of donations that cannot be verified (mis-matched addresses or fake addresses) which are becoming an extreme pain as for a period they were submitted one per minute for about an hour (which was fun to filter through on WorldPay).

Any help would be massively appreciated, I am getting started as a webmaster and so this is a new occurence to me, so thanks again for any help provided.

greg posted this at 13:31 — 27th January 2009.

greg's picture

He has: 1,581 posts

Joined: Nov 2005

Well, firstly it's not a Dos/DDoS. A DoS is a Denial Of Service, which isn't anything related to spamming website forms or forum posts, it's about (basically) sending so much data to a server that it overloads the server and the server will crash. "Denying service" as a downed server cannot serve websites.

"Distributed" (DDoS) means the attack came from several places at once, usually other hacked servers so the attacker can send a vast amount of data at once from different IP's.

It sounds like you are simply getting spammed. As for the donations page.. what it is? A form of some kind? A Paypal style "Paynow" button?

One method for forms is to have a captcha/validator of some kind to stop auto bots trying to fill in forms.
But a link to your site would help so we can see what is being spammed.

COSSOFT posted this at 17:07 — 27th January 2009.

They have: 18 posts

Joined: Jan 2009

I used to get quite a bit of similar crap. Some of it was readable and some not - I guess that not all of the spam bots work equally well.

In the end I went for a captcha thingie. Wrote it myself, and whilst the greatest minds in the scientific community might eventually crack it after many years of effort, it's stopped the bots in their tracks Wink

Try Googling "recaptcha" for something a little better.

kht posted this at 15:13 — 29th January 2009.

They have: 8 posts

Joined: Jan 2009

Thankyou for your help and suggestions. The submissions seem to have stopped over the past week and I am in the process of redesiging and organising the website in order to migrate it to a new host and hosting plan (the site is http://www.karenhilltribes.org.uk if you want to have a look).

Thanks again for all your help and I will ensure I add a captcha thing to the forms when I migrate the site across.

On a side note, any suggestions for a good host for a small sized charity with a shop would be well considered Smiling

Thanks again!

Want to join the discussion? Create an account or log in if you already have one. Joining is fast, free and painless! We’ll even whisk you back here when you’ve finished.