{"id":1028,"date":"2014-10-27T14:25:50","date_gmt":"2014-10-27T18:25:50","guid":{"rendered":"http:\/\/www.blogseye.com\/?page_id=1028"},"modified":"2014-10-28T09:19:42","modified_gmt":"2014-10-28T13:19:42","slug":"protection-php-anti-spam","status":"publish","type":"page","link":"http:\/\/blogseye\/protection-php-anti-spam.html","title":{"rendered":"Protection PHP anti-spam"},"content":{"rendered":"<p>For a long time I&#8217;ve needed a version of my WordPress Stop-Spammers plugin that will work on sites that don&#8217;t use WordPress. I have a dozen sites that are based on custom php code that need protection, but I&#8217;ve never really addressed the problem.<\/p>\n<p>I am testing a set of programs that I call &#8220;Protection&#8221; that use some of the methods that I&#8217;ve developed to stop spam. It is ridiculously easy to add to a PHP program. I added it to my HarpL.com site in less then 2 minutes.<\/p>\n<p>I am looking for testers. You can download the program here: <a href=\"\/protection.zip\">Protection Spam Control for PHP<\/a>.<\/p>\n<p>Please report all bugs.<\/p>\n<p>It is a new program. I have not yet ported all the anti-spam methods, but I am working on it.<\/p>\n<p>To make it work you need to unzip the file and copy the protection folder where your program will be able to get to it.<\/p>\n<p>You must then modify any programs that you need to protect with the line:<\/p>\n<p>require_once(&#8220;protection\/protection.php&#8221;);<\/p>\n<p>Naturally you would need to change the line to reflect the actual location of the protection folder.<\/p>\n<p>Protection protects against<br \/>\n1) missing Accept or Host headers<br \/>\n2) blacklisted user agents (you may want to edit the list in modules\/chkagent if you rely on anything other than Google, Bing and Yahoo.)<br \/>\n3) blocks malicious hits that use eval() or a common sql injection string.<br \/>\n4) checks to see if http_referer is correct for form submits<br \/>\n5) check for known spam servers<br \/>\n6) session speed check.<br \/>\n&#8230; more to come.<\/p>\n<p>It also checks for good hits so it does not block google, cloudflare, paypal, etc.<\/p>\n<p>Please test and report problems. I will add more modules as I get them.<\/p>\n<p>New Version 10\/28 &#8211; found a bunch of errors this morning. It still worked, but I cleaned up the errors. I added Speed Check set it to 2 seconds for a form submit, but I may reduce to 1 second. (I locked myself out at three seconds because I use firefox passwords and just clicked submit &#8211; no good.)<\/p>\n","protected":false},"excerpt":{"rendered":"<p>For a long time I&#8217;ve needed a version of my WordPress Stop-Spammers plugin that will work on sites that don&#8217;t use WordPress. I have a dozen sites that are based on custom php code that need protection, but I&#8217;ve never really addressed the problem. I am testing a set of programs that I call &#8220;Protection&#8221; [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"parent":0,"menu_order":0,"comment_status":"open","ping_status":"closed","template":"","meta":[],"_links":{"self":[{"href":"http:\/\/blogseye\/wp-json\/wp\/v2\/pages\/1028"}],"collection":[{"href":"http:\/\/blogseye\/wp-json\/wp\/v2\/pages"}],"about":[{"href":"http:\/\/blogseye\/wp-json\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"http:\/\/blogseye\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"http:\/\/blogseye\/wp-json\/wp\/v2\/comments?post=1028"}],"version-history":[{"count":6,"href":"http:\/\/blogseye\/wp-json\/wp\/v2\/pages\/1028\/revisions"}],"predecessor-version":[{"id":1034,"href":"http:\/\/blogseye\/wp-json\/wp\/v2\/pages\/1028\/revisions\/1034"}],"wp:attachment":[{"href":"http:\/\/blogseye\/wp-json\/wp\/v2\/media?parent=1028"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}