I have a form which has been discovered by some abuse script. Every night it posts several spam-messages on my form.
What are the “tricks of the trade” to avoid such activity?
I currently do not have DB or file write permission on the server where this form is located, but if that is necessary it suppose I can get it. My form is integrated in a CMS-system, and it is handled by a PHP-script I have control over.
One idea I have is to add a identifier to the form to prevent it from being submitted more than once from the same IP within a sertain timeframe, but this would require DB / file access. Or maybe sessions could do it?
