I ran into the weirdest problem on a WordPress site I just created.

    I made a custom email submission form on this page: https://fitms.org/request-an-appointment/

    The form action runs a PHP script that I put in the directory /fitms/wp-content/themes/remag/php (I originally had the script in the site root and I moved it there to see if it would fix the problem: it didn’t).

    Here is the issue. As soon as the form-action php script is on the site, I immediately start getting an email once or twice per minute filled with random text. There is no way it is coming from a spammer because it literally started the second I uploaded the file. The emails keep coming and coming until I remove the php file. WHY IS THIS HAPPENING??

    Here are the emails I get:

    Someone has scheduled an appointment using the fitMS Website Form

    [ SPAM content redacted again ]
    Type of Appointment:

    (notice they all come from a random @outlook.com email address)

    Here is the code in my PHP script. I added the ‘prove you are human’ 2+2=4 thing to stop the emails from coming. It has fixed the problem, but I still need to know what was causing that, and I’d imagine the server is still running the script so it is constantly wasting server resources.

    <?php
    // Read the posted fields, defaulting to an empty string so a missing
    // field does not raise a notice.
    $name     = $_POST['name'] ?? '';
    $email    = $_POST['email'] ?? '';
    $phone    = $_POST['phone'] ?? '';
    $datetime = $_POST['datetime'] ?? '';
    $service  = $_POST['typeoptions'] ?? '';
    $math     = $_POST['math'] ?? '';
    
    //setup email
    $headers = "From: fitMS Website Server <>\n";
    
    $headers .= "Content-Type: text/plain; charset=iso-8859-1\n"; 
    
    // Route the notification to the right inbox based on the chosen service.
    if ($service == 'massage'){
        $recipient = "XXXXX, XXXXX, XXXXX";
    }
    elseif ($service == 'chiropractic' || $service == 'nutrition' || $service == 'food-sensitivity' || $service == 'acupuncture'){
        $recipient = "XXXXX, XXXXXX, XXXXXX";
    }
    else {
        $recipient = "XXXXX,XXXXXXX";
    }
    
    $subject = "fitMS Appointment Scheduled Online";
    
    $message = "Someone has scheduled an appointment using the fitMS Website Form\n\nName: ".$name."\nEmail: ".$email."\nPhone: ".$phone."\nPreferred Date/Time: ".$datetime."\nType of Appointment: ".$service."\n\n\n\n";
    
    // Only send when the "prove you are human" answer is 4 or four
    // (surrounding spaces are ignored).
    if (in_array(trim($math), ["4", "four"], true)){
        mail($recipient, $subject, stripslashes($message), $headers);
    }
    
    // Redirect to the thank-you page and stop; without exit the script
    // would keep executing after the redirect header has been sent.
    header( 'Location: https://www.fitms.org/thank-you' );
    exit;
    
    ?>

    Please give any suggestions/theories and I really appreciate the help!

    -Tim
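An added example, not Tim's script and not code from anywhere in this thread: a hardened version of the same appointment handler. It keeps the posted field names (name, email, phone, datetime, typeoptions) and the same routing by service, and adds the controls the original lacks: a POST-only check, a hidden honeypot field, a whitelist for the service value, email validation (which also rejects the CR/LF characters that mail() header injection relies on), control-character stripping and length caps on the free-text fields, and a simple per-IP throttle. The honeypot field name (website), the sender address, the recipient addresses and the temp-file throttle location are all assumptions made for the example.

```php
<?php
// Added example, not from the original post: a hardened appointment handler.
// Field names match the posted script; the honeypot field name, sender and
// recipient addresses, and the temp-file throttle are assumptions.

declare(strict_types=1);

// Only accept form submissions; a GET (or HEAD) to the script sends nothing.
if (($_SERVER['REQUEST_METHOD'] ?? '') !== 'POST') {
    http_response_code(405);
    exit;
}

// Read fields with defaults so a missing key does not raise a notice.
$name     = trim((string)($_POST['name'] ?? ''));
$email    = trim((string)($_POST['email'] ?? ''));
$phone    = trim((string)($_POST['phone'] ?? ''));
$datetime = trim((string)($_POST['datetime'] ?? ''));
$service  = (string)($_POST['typeoptions'] ?? '');
$website  = (string)($_POST['website'] ?? ''); // honeypot: hidden with CSS, humans leave it empty

$errors = [];

// 1. Honeypot: bots that fill every input they see reveal themselves.
if ($website !== '') {
    $errors[] = 'honeypot';
}

// 2. Whitelist the service so only expected values reach the routing logic.
$allowed = ['massage', 'chiropractic', 'nutrition', 'food-sensitivity', 'acupuncture', 'other'];
if (!in_array($service, $allowed, true)) {
    $errors[] = 'service';
}

// 3. Validate the visitor's address. FILTER_VALIDATE_EMAIL rejects CR/LF,
//    which is what header injection against mail() depends on.
if (filter_var($email, FILTER_VALIDATE_EMAIL) === false) {
    $errors[] = 'email';
}

// 4. Replace control characters in free-text fields and cap their length.
$clean = static function (string $value, int $max): string {
    $value = preg_replace('/[\x00-\x1F\x7F]/', ' ', $value) ?? '';
    return substr($value, 0, $max);
};
$name     = $clean($name, 100);
$phone    = $clean($phone, 40);
$datetime = $clean($datetime, 100);

if ($name === '' || $phone === '') {
    $errors[] = 'required';
}

// 5. Per-IP throttle: at most one accepted submission per minute, tracked
//    by the mtime of a temp file (assumed location; use the DB or a cache
//    on a real site).
$ip   = $_SERVER['REMOTE_ADDR'] ?? 'unknown';
$file = sys_get_temp_dir() . '/fitms-rate-' . md5($ip);
if (is_file($file) && (time() - (int)filemtime($file)) < 60) {
    $errors[] = 'rate';
}

if ($errors !== []) {
    // Log the rejection for later inspection and redirect exactly as on
    // success, so a bot cannot tell that it was filtered.
    error_log('Rejected appointment form from ' . $ip . ': ' . implode(',', $errors));
    header('Location: https://www.fitms.org/thank-you');
    exit;
}
touch($file);

// Route to the right inbox; these addresses are placeholders.
if ($service === 'massage') {
    $recipient = 'massage@example.com';
} elseif (in_array($service, ['chiropractic', 'nutrition', 'food-sensitivity', 'acupuncture'], true)) {
    $recipient = 'clinic@example.com';
} else {
    $recipient = 'frontdesk@example.com';
}

$subject = 'fitMS Appointment Scheduled Online';
$message = "Someone has scheduled an appointment using the fitMS Website Form\n\n"
    . "Name: $name\nEmail: $email\nPhone: $phone\n"
    . "Preferred Date/Time: $datetime\nType of Appointment: $service\n";

// Fixed From: header (assumed address); the visitor's address goes in
// Reply-To only because it passed validation above.
$headers = "From: fitMS Website Server <noreply@fitms.org>\r\n"
    . "Reply-To: $email\r\n"
    . "Content-Type: text/plain; charset=UTF-8\r\n";

mail($recipient, $subject, $message, $headers);

header('Location: https://www.fitms.org/thank-you');
exit;
```

The form itself needs one extra input for this to work, e.g. `<input type="text" name="website" style="display:none" tabindex="-1" autocomplete="off">`. Rejected submissions get the same redirect as accepted ones on purpose: every rejection is written to the PHP error log instead, which is where you look to confirm the traffic is automated. None of this replaces a real anti-spam service such as the Akismet-backed plugins mentioned below; it is the minimum a hand-written handler should do before it calls mail().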

Viewing 3 replies - 1 through 3 (of 3 total)
Moderator Jan Dembowski

    (@jdembowski)

    Forum Moderator and Brute Squad

    Here is the issue. As soon as the form-action php script is on the site, I immediately start getting an email once or twice per minute filled with random text.

    It doesn’t look like you’ve got any spam controls on that code. That’s what that all is, SPAM.

    Rather than re-inventing the wheel have you considered using a contact or event plugin that will also use spam control such as Akismet?

    https://www.ads-software.com/plugins/search.php?q=contact+form
    https://www.ads-software.com/plugins/search.php?q=event

    Until you have some way of validating the form submission, you’ll continue to get hit by spam.

    Thread Starter timhebel

    (@timhebel)

    Well, I do have spam control on there; it’s the section where it asks what 2+2 = and if the user doesn’t put in “4” or “four” then the email doesn’t send.

    The reason that I don’t think it is spam is because within seconds of uploading the file, I started getting the emails. How could a spammer bot have possibly found it within moments of the file’s creation?

    Moderator Jan Dembowski

    (@jdembowski)

    Forum Moderator and Brute Squad

    Check your web server’s logs. If those form submissions are coming via a POST from Internet IP addresses then it’s spam.

    I’m something like 99.999% sure that you’ll find those POST entries in your log. That’s how spam bots work.

    How could a spammer bot have possibly found it within moments of the file’s creation?

    If there’s a link to that form, and there is via your home page, the spam bots will 100% find it every time. Also 2+2=4 hasn’t been an effective spam control for a really long time now.

    Spam bots can get around captchas so I don’t think simple arithmetic is going to slow them down.
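One way to do the log check the moderator describes, as an added example that is not part of the thread: parse an Apache/Nginx "combined" format access log, keep only the POST requests to the form handler, and count them per client IP. The log lines below are constructed for the example, and the handler filename (appointment.php under the theme's php directory) is assumed, since the post only gives the directory.

```php
<?php
// Added example, not from the thread: count POST requests to the form
// handler per client IP from a combined-format access log. The sample log
// lines are constructed and the handler filename is assumed.

declare(strict_types=1);

const HANDLER_PATH = '/wp-content/themes/remag/php/appointment.php'; // assumed filename

/** Parse one combined-format line into its fields, or null if it does not match. */
function parse_log_line(string $line): ?array
{
    // ip ident user [time] "METHOD path protocol" status bytes "referer" "agent"
    $re = '/^(\S+) \S+ \S+ \[([^\]]+)\] "(\S+) (\S+) [^"]*" (\d{3}) \S+ "([^"]*)" "([^"]*)"$/';
    if (!preg_match($re, $line, $m)) {
        return null;
    }
    return [
        'ip'      => $m[1],
        'time'    => $m[2],
        'method'  => $m[3],
        'path'    => $m[4],
        'status'  => (int)$m[5],
        'referer' => $m[6],
        'agent'   => $m[7],
    ];
}

/** Count POSTs to $handler per IP; returns [ip => count], largest first. */
function count_form_posts(iterable $lines, string $handler): array
{
    $counts = [];
    foreach ($lines as $line) {
        $r = parse_log_line(trim((string)$line));
        if ($r === null || $r['method'] !== 'POST') {
            continue;
        }
        // Compare the path only, ignoring any query string a bot may append.
        if (strtok($r['path'], '?') !== $handler) {
            continue;
        }
        $counts[$r['ip']] = ($counts[$r['ip']] ?? 0) + 1;
    }
    arsort($counts);
    return $counts;
}

// Constructed sample: one visitor who loaded the page and submitted once,
// one client that POSTs repeatedly without ever loading the page (a bot),
// and a GET to the handler that must not be counted.
$sample = <<<'LOG'
203.0.113.7 - - [12/Mar/2016:10:01:03 +0000] "GET /request-an-appointment/ HTTP/1.1" 200 8123 "-" "Mozilla/5.0"
203.0.113.7 - - [12/Mar/2016:10:01:09 +0000] "POST /wp-content/themes/remag/php/appointment.php HTTP/1.1" 302 0 "https://fitms.org/request-an-appointment/" "Mozilla/5.0"
198.51.100.23 - - [12/Mar/2016:10:01:40 +0000] "POST /wp-content/themes/remag/php/appointment.php HTTP/1.1" 302 0 "-" "Mozilla/4.0 (compatible; MSIE 6.0)"
198.51.100.23 - - [12/Mar/2016:10:02:11 +0000] "POST /wp-content/themes/remag/php/appointment.php HTTP/1.1" 302 0 "-" "Mozilla/4.0 (compatible; MSIE 6.0)"
192.0.2.44 - - [12/Mar/2016:10:02:30 +0000] "GET /wp-content/themes/remag/php/appointment.php HTTP/1.1" 302 0 "-" "curl/7.47.0"
198.51.100.23 - - [12/Mar/2016:10:03:02 +0000] "POST /wp-content/themes/remag/php/appointment.php?x=1 HTTP/1.1" 302 0 "-" "Mozilla/4.0 (compatible; MSIE 6.0)"
LOG;

// On a real server read the file instead, e.g.
// $lines = new SplFileObject('/var/log/apache2/access.log');
$lines = explode("\n", $sample);

foreach (count_form_posts($lines, HANDLER_PATH) as $ip => $n) {
    printf("%-16s %d POST(s)\n", $ip, $n);
}
```

Two things in the output tell you whether the traffic is automated: a source address that POSTs to the handler several times without ever requesting /request-an-appointment/ first (no preceding GET, and an empty or wrong Referer), and submissions arriving at a steady interval. Both match the "once or twice per minute" pattern in the original post.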

The topic ‘Weirdest Email/Form Problem’ is closed to new replies.