5 Ways To Get Your Website Shut Down By Spammers
29 JULY 2014Every day spammers hit thousands of websites and a number of these are shut down by their ISP or webhost for “abuse”.
Damage done by spammers can take two forms:
a) General annoyance such as posting adverts on your forum or spam comments on your blog which are irritating and time-consuming to resolve but are unlikely to get you shut down. There are, however, cases in which even this damage could get you into some hot water with your host.
b) Malicious use of your website in some way which could get you shut down.
Here, then, are what I view as the top 5 problems spammers could cause to your business, and what to do about them.
1) Contact Us Forms
Many contact forms such as the popular formmail script are easily attacked by hackers, enabling them to email thousands of spam messages an hour using your server, your bandwidth and consequently your money. This heavy server load slows down your site and any others hosted on the same server and may well cause you problems when your webhost spots what is happening. I had my FTP account to one of my sites blocked a few years ago for just such a problem.
My host refused to unlock it unless I agreed to permanently remove my contact form so spammers couldn’t use it any more.
Just as bad, a wrong spam complaint from your domain, could also result in you being blacklisted (at best) or shut down (at the worst).
The solution here is to ensure your email address is hard coded into the script itself - so it simply won’t work if hackers try to email someone else from it - rather than the age-old technique of just having your email address submitted as a hidden field in the form itself.
2) Heavy Server Loads
Any automated scripts used by spammers can cause real drains on your server as it slows to a crawl. This is why sites like Google will ban you from using their services if you’re caught using any automated scripts to access their site.
This is often seen in the form of forum hacking - spammers either posting hundreds of adverts to your forum, or harvesting everyone’s email addresses to be able to spam them individually by email.
I have had it happen to me and seen the pages accessed shoot through the roof for a few weeks.
The simple answer here is to (1) keep a close eye on your forum, banning spammers by IP and email address, and if necessary temporarily disabling your forum until they get bored and find another victim and (2) register for updates whenever an upgrade of your chosen forum software is available so that you can upgrade as soon as possible to keep security gaps to a bare minimum.
3) Excessive Spam Sent To You
If you received 5,000 spam emails in the next hour you can be sure your host would take note.
So keep your email address as private as possible.
Don’t actively give it out on your site as spambots can easily harvest this information. Give it as an image file if you have to, or use a secure contact form or help desk script to really improve security.