Bot getting to contact_us.php?action=success

[MarP]

How do I block a bot from accessing the contact us success page? How would it get to it even with captcha installed?

Thanks!

[♥kymation]

Any web browser can access the success page directly. It's harmless, so just ignore it.

 

Regrds

Jim

[MarP]

Thank you very much, Jim. Will do!

[Jack_mcs]

I think this may indicate a problem with your site or, at least, with your search engine listings. The "contact us success page" is just a part of your contact_us.php file and there isn't (shouldn't be) a link on it to get the success section to display. But even if there was, that can only happen if the form is completed and submitted, which search engines can't do. Does the search engine you see this with actually list contact_us.php?action=success? How do you know they are getting to it? If by bot, you mean a search bot that is not one of the good search bots, like google, then you should look into a way of blocking them since they are not playing by the rules. If it is such a bot, I suspect it is a hacker spoofing as a bot so he can try to gain access to your site without being noticed.

[oscMarket]

Even if it would be harmless, (but it isn't), a search-engine/bot shouldn't be able to know the contact_us.php?action=success url.

The only url detectable on the contact_us.php form can only be : contact_us.php?action=send

Jack is correct!

[MarP]

Yes, Jack, it's a Microsoft Bing bot IP I saw doing this in the Who's Online in admin.  No email was sent by the bot.

But I see the OsCommerce demo store also allows access to contact_us.php?action=success if you type it in. I just don't get how the bot found that success link. I will look into ways of blocking it.

Thanks all!

[♥John W]

You can stop it by using the old robots.txt method below.  Some hostile bots won't adhere to it but all the good ones will.  I don't see a reason to have the contact us listed and I've had this along with others since 2002. 

 

User-agent: *

Disallow: /contact_us.php

[Jack_mcs]

Yes, Jack, it's a Microsoft Bing bot IP I saw doing this in the Who's Online in admin.  No email was sent by the bot.

But I see the OsCommerce demo store also allows access to contact_us.php?action=success if you type it in. I just don't get how the bot found that success link. I will look into ways of blocking it.

Thanks all!

It is possible for anyone to change how they connect to a site and if you don't check it you will think it is a regular search bot. Given that that url isn't known to the true search engines, unless you created a link to it on your site for some reason, they would not have found it. So blocking it for the search engines probably won't help. If it is a hacker, which I suspect it is, they will just go directly to it.