How to protect Contact Form from spam?

Sajid · ‎19-Apr-2020

Hi Guys,

Is there any solution from F5 to protect Contact Form from spam input?

I have tried ASM custom banned words, but it's not working.

any good solution?

Regards,

Sajid

Ivan_Chernenkii · ‎21-Apr-2020

You can use several approaches to protect it:

As I said before, you can configure bot profile, to protect you application from bots.
You can define appropriate parameter "name" in policy with some restrictions, like "Email" data type or aplha-numeric data type with maximum length (e.g. 50 characters) or with some regex rule or with some disallowed metacharacters
You can create special valuecontent signature with special rule, which will match bad pattern

Thanks, Ivan

View solution in original post

Ivan_Chernenkii · ‎20-Apr-2020

Hello Sajid,

Could you provide any example of what you want to protect and from what inputs?

If you want to protect Form from input from bots, then you can use bot profile for you application, which was introduced in ASM starting from v13.0.0.

Thanks, Ivan

Sajid · ‎21-Apr-2020

Hi Ivan,

This kind of data getting from contact us form.

name=611__***ХОТИТЕ+ЗАРАБОТАТЬ+100000р.?+ЧИТАЙТЕ+ПОДРОБНОСТИ:+https://is.gd/JBvrvY++***__478&email=dmitrii.golub@mail.ru&contactnumber=249223&comment=544397&submit=?????

Regards,

Sajid

Ivan_Chernenkii · ‎21-Apr-2020

You can use several approaches to protect it:

As I said before, you can configure bot profile, to protect you application from bots.
You can define appropriate parameter "name" in policy with some restrictions, like "Email" data type or aplha-numeric data type with maximum length (e.g. 50 characters) or with some regex rule or with some disallowed metacharacters
You can create special valuecontent signature with special rule, which will match bad pattern

Thanks, Ivan

DevCentral

How to protect Contact Form from spam?