Troubleshooting
      Back to home
      1. Knowledge Base
      2. Web Application Scanning
      3. Troubleshooting

      Why are my website forms spammed?

      Our web application scanner (WAS) performs tests of website forms which might result in you getting many messages or emails. To avoid this problem, you can either exclude the URL for the form action, exclude the URL with the form, or block Holm Security VMP IP ranges from posting forms.

      Exclude pages containing forms or the form action URL

      Follow this instruction to exclude one or more URLs:
      https://support.holmsecurity.com/knowledge/how-do-i-exclude-one-or-more-urls-from-being-scanned

      Or follow this instruction to do more advanced excludes using regular expression (regexp):
      https://support.holmsecurity.com/knowledge/how-do-i-make-a-custom-rule-for-exclusion-of-urls-for-the-web-application-scanner

      Block Holm Security VMP IP range

      Our IP ranges are specified here:
      https://support.holmsecurity.com/knowledge/what-are-the-firewall-settings-for-scanner-appliance

      Being spammed is a security issue

      If our web application scanning spammed you mail server or system, it can be a sign of a vulnerability that needs to be solved. Some sites have no validation at all and some have validation that depends on the client, in other words the browser. Often validation is done using JavaScript in the client. By turning off JavaScript in the browser, the user can easily bypass the validation. A hacker with a simple program/script can take advantage of this by bypassing the validation and make attacks that can make the receiving mail server or software that handles data from the form slow or unavailable.

      The safest way to protect your form is to add a CAPTCHA, or to validate the form in the underlying code that is executed on the server side.

      Read more about CAPTCHA here (external site): 
      https://en.wikipedia.org/wiki/CAPTCHA