Fighting spam and hackers with FIRE(walls): How to reduce contact form SPAM.
We’ve been having a hell of a time with Salesforce contact form spam as of late. It’s been littered with junk about cheap Air Jordans, Louis Vuitton bags, and other assorted hijack links. In the course of a week, we could have as many as 300 new “leads”, all of which were spam, and that was after instituting form validation on all the contact fields.
So, the next step was to find out where this spam was coming from. By adding a hidden field to the form and tying it to the lead source, we were able to capture the IP address of every submitter. Well, most of the submitters were coming from a little village in Fuzhou, China. You can find the location of such IP addresses at http://addgadgets.com/ipaddress/index.php.
If you use JSP in your site, here is the code to capture the IP for your Salesforce Web2Lead form:
<%-- getRemoteAddr() returns the address of the connecting client; behind a
     reverse proxy or load balancer that is the proxy's address, not the visitor's. --%>
<%
String ipaddress = request.getRemoteAddr();
%>
<input id="lead_source" name="lead_source" type="hidden" value="<%=ipaddress%>">
So, the next step was to block the IP. This can be done with iptables on Linux. As these addresses were found in predictable blocks, we decided to block more than just the IP addresses listed. Instead we blocked entire countries. Yep. If you are reading this, then you are likely not blocked from our web site.
This website had an excellent shell script that does everything you need to block any specific country. It:
- Iterates through the countries you specify.
- Gets the IP address blocks assigned to that country.
- Adds each block range to iptables.
- Recycles your iptables rules to ensure a clean, fresh instance.
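The four steps above, as an added example that is not the script the post links to: it assumes a zone file with one CIDR per line (here a constructed sample instead of a downloaded country list), rebuilds a dedicated chain named COUNTRY_BLOCK, and only prints the iptables commands unless DRY_RUN=0.

```shell
#!/bin/sh
# Added example, not the script the post links to: rebuild one iptables chain
# from a per-country zone file (one CIDR per line) and point INPUT at it.
# DRY_RUN=1 (the default) only prints the iptables commands it would run.
DRY_RUN="${DRY_RUN:-1}"
CHAIN="${CHAIN:-COUNTRY_BLOCK}"

run_ipt() {
  if [ "$DRY_RUN" = 1 ]; then echo "iptables $*"; else iptables "$@"; fi
}

# Constructed sample zone file standing in for a downloaded country list.
# It deliberately contains a junk line to show that it is filtered out.
write_sample_zone() {
  cat > "$1" <<'EOF'
# constructed sample, not a real country allocation
198.51.100.0/24
203.0.113.0/25
not-a-cidr
192.0.2.0/24
EOF
}

# Only dotted-quad/prefix lines reach iptables; anything else is dropped here,
# so a corrupted or tampered zone file cannot inject arbitrary arguments.
valid_cidrs() {
  grep -E '^([0-9]{1,3}\.){3}[0-9]{1,3}/([0-9]|[12][0-9]|3[0-2])$' "$1"
}

count_blocks() { valid_cidrs "$1" | wc -l | tr -d ' '; }

# Recycle the chain (create if missing, then flush), add one DROP per block,
# and insert a single jump from INPUT if it is not already there.
build_rules() {
  run_ipt -N "$CHAIN" 2>/dev/null || true
  run_ipt -F "$CHAIN"
  valid_cidrs "$1" | while read -r cidr; do
    run_ipt -A "$CHAIN" -s "$cidr" -j DROP
  done
  run_ipt -C INPUT -j "$CHAIN" 2>/dev/null || run_ipt -I INPUT -j "$CHAIN"
}

# One zone file per country code given on the command line (e.g. "cn");
# a real run would download that country's list here instead of the sample.
main() {
  for country in "$@"; do
    zone=$(mktemp) && write_sample_zone "$zone"
    echo "# $country: $(count_blocks "$zone") blocks"
    build_rules "$zone"
    rm -f "$zone"
  done
}
main "$@"
```

Run it as `sh block.sh cn` to see the commands for one country; with DRY_RUN=0 it needs root and a live iptables.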