Anti-mass mail securitycode

[Borntobewild]

My form has been flooded 2 times.
With mass email attacks. How can i avoid them?
Is there any php code that can handle this?
Like make it unpossible to login a second time with the same IP?

[jSherz]

What do you mean? Your registration form has been spammed? Login form attacked to gain entry to user accounts? Forgotten password form?

One thing you can do with any input is to use a CAPTCHA system, such as reCAPTCHA:

http://code.google.com/apis/recaptcha/docs/php.html

[Borntobewild]

What do you mean? Your registration form has been spammed? Login form attacked to gain entry to user accounts? Forgotten password form?

One thing you can do with any input is to use a CAPTCHA system, such as reCAPTCHA:

Yes but i am more looking for a code that makes it impossible to login more then 1 time in a minute.
Or 1 login at a day for the same IP. Do you know what i mean? 

[jSherz]

Yes but i am more looking for a code that makes it impossible to login more then 1 time in a minute.
Or 1 login at a day for the same IP. Do you know what i mean? 

Yes to which of those?

By login do you mean the form can only be submitted once a day by the same IP?

[Borntobewild]

Yes to which of those?

By login do you mean the form can only be submitted once a day by the same IP?

Yep, that's what i mean

[jSherz]

In that case, you'll have to store the IP addresses and then check if the last time that they submitted the form was more than a day a go. Do you have access to a MySQL database? Also, I think using reCAPTCHA would be a much easier solution - and it allows genuine requests to be sent multiple times per day.

[Borntobewild]

In that case, you'll have to store the IP addresses and then check if the last time that they submitted the form was more than a day a go. Do you have access to a MySQL database? Also, I think using reCAPTCHA would be a much easier solution - and it allows genuine requests to be sent multiple times per day.

Mmm but captcha takes more time to login.
Many members dislike that.
But there is no code to filter that?
Like there has to be passing 2 min after each login from the same IP.

Sorry for my maybe weird English sometimes. It's not my motherlanguage

[jSherz]

You're English is good! I don't know of any ready-made code that prevents a certain number of logins in a set period. If you're interested in reading about how to prevent this type of attack, have a look at Blocking Brute Force Attacks on OWASP. OWASP (The Open Web Application Security Project) has some excellent resources, including many for PHP (for example, top 5 PHP security issues).

[Borntobewild]

You're English is good! I don't know of any ready-made code that prevents a certain number of logins in a set period. If you're interested in reading about how to prevent this type of attack, have a look at

Mmm thanks, but my English is not yet good enough,
to understand everything on the websites you gave me 
But i learn everyday. I like to talk with English people which is fun,
and also a advantage to improve my English 
I don't know what to do with. But i think i found the problem.
refresh "5" .. could this be that cause the flooding?
Since i changed my form, it did not show up anymore.

The following error or errors occurred while posting this message:
We're sorry, but including links within posts is not available at this time. However, please feel free to include your PHP/HTML/CSS/Javascript code in your post, if you think this will help to describe your problem.

I always get this message when i reply a message with links inside.
Which is realy annoying because i have to remove the links everytime i want to reply 

[jSherz]

That's an anti-spam measure unfortunately! Could you post back with the bit of code that you removed?

[Borntobewild]

That's an anti-spam measure unfortunately! Could you post back with the bit of code that you removed?

I only removed the links.
Because i get that error when i quote a reply with links inside.
So i can not post it back because of the error.

[jSherz]

Can you post your login form code?

[Borntobewild]

Can you post your login form code?

From my website?

[jSherz]

Post the part of the login code that you removed (the refresh "5") part.

[Borntobewild]

Post the part of the login code that you removed (the refresh "5") part.

I think it was this:

header('Refresh: 3; url=index.html');