The MU forums have moved to

Disallow POST without a GET? (2 posts)

  1. fogster
    Posted 16 years ago #

    I've been noticing that most spammers will POST their garbage without ever issuing a GET for the comment form.

    Has anyone ever written, or thought about writing, a little plugin to check for this? I think the simplest way would be to create a new table in the database, where a GET for a page with a comment form would insert the post ID, IP address, and user agent.

    On receiving a POST, then, you'd check to see whether the IP + user agent pair had previously (in the past, say, 12 hours) retrieved the page. If they have, it proceeds normally, entering the post. And if they never got the page, you just throw an error and log their IP, having caught a spammer.

    I do wonder if this would break anything, though, such as GUI blogging tools. So I want to see if anyone has looked into this more seriously than I have.

  2. theapparatus
    Posted 16 years ago #

    Been around for quite some time:


About this Topic

  • Started 16 years ago by fogster
  • Latest reply from theapparatus