Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
M
M
mitrofan234122021-02-16 16:03:27
Burglary protection
mitrofan23412, 2021-02-16 16:03:27

Trying to hack a site through a feedback form? what to do?

The site consists of a couple of pages in php (two landing pages), there is a feedback form, and hundreds of requests per minute from some bot arrive through this form. The query strings are something like this, there are a bunch of different ones:

<IMG SRC=javascript:alert('XSS')>

javascript:/*</script><svg/onload='+/"/+/onmouseover=1/+/[*/[]/+((new(Image)).src=([]+/\

%{(#[email protected]@DEFAULT_MEMBER_ACCESS).(#_memberAccess?(#_memberAccess=#dm):((#container=#context['com.opensymphony.xwork2.ActionContext.container']).(#ognlUtil=#container


Regular shared hosting on php 5.6

How can you cut off such requests without setting captcha, and is it not a problem to bypass captcha now?
IP this spammer also changes constantly..

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

2 answer(s)
Report
V
Vladimir Korotenko, 2021-02-16
@firedragon

Install clodfire. It will automatically add the captcha.

Report
T
ThunderCat, 2021-02-16
@ThunderCat

fail2ban

Similar questions
T
TinkyGO2020-10-29 13:52:21
How to display WooCommerce filters on the homepage? 2Reply
U
Uniq2016-08-21 09:31:25
SMS vulnerability or what is it? 2Reply
N
Nikolay2014-08-08 10:25:28
Hacking wifi while rebooting the router - reality or reality? 2Reply
N
NuRsAk2016-08-31 12:26:09
How to secure an Exchange mail server? 1Reply
I
IvanIF2020-11-09 22:05:23
How to prevent XSS attacks through this HTML code? 1Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question