# Recording IP Addresses



## NaphtaliPress (Jun 15, 2006)

We offer free sermon CDs on our church website and recently have had some folks requesting these for other people without their permission and contrary to our limitations and instructions. The sign up form is here. http://www.fpcr.org/sendme.htm
Is there a way to connect the IP address in the background of someone filling out and submitting a request via the form? If we did this we would indicate it in the instructions and I would hope that would cut down on this. Or does anyone have any other ideas on how to cut down on bogus and harassing requests?


----------



## NaphtaliPress (Jun 15, 2006)

Never mind. Looks like Frontpage allows me to add this kind of stuff in the back ground. But if any other idea on how to cut down on bogus requests let me know.


----------



## Semper Fidelis (Jun 15, 2006)

There are form scripts that would enable you to record the IP of those who visited but that's honestly not a very useful mechanism to prevent fraud. Assuming you performed a reverse DNS lookup, it would not even necessarily be fraudulent just because the IP of the person visiting doesn't match up to the domain of their e-mail address. My IP right now is a Japanese one from where I'm surfing but I own some domains hosted on a U.S. server.

One idea to minimize fraud is to require credit card information. You could explain that this is to verify the identity of the requester given fraudulent requests.

Another option is to send and e-mail to the e-mail of the person requesting the CD. This could fail if the person signing up fraudulently answers and says "Yeah that's me" but then you could go to the ISP of the person who is committing identity fraud and have their account revoked. Most people playing these kind of games would not respond with the e-mail. There are even some scripts that would automate the process where the contact form would not complete until the e-mail is verified by the user sending the form.

The first idea is probably most reliable while the second would cut down on traffic and be less obtrusive.

One last thing, look at one of my contact forms here:
http://www.ministrywebpage.org/contact-us/contact-us.php

The verification string prevents bots from abusing your contact form. I've had my contact forms flooded in the past without this feature enabled. It's actually a pretty easy script to integrate into your contact form. If you do nothing else then I would add the verification string as it's another level of protection against creeps who have bots that go out and bombard contact forms.

I'll try to find some time to investigate a contact script that requires verification of an e-mail address.


----------



## Semper Fidelis (Jun 15, 2006)

Frontpage? Ewww... 

That's a bit limiting. I'm not certain what can be integrated into those. I'm not a big fan of Frontpage extensions.


----------



## NaphtaliPress (Jun 15, 2006)

Thanks Rich. I'll check this out and any help is much appreciated.


----------



## NaphtaliPress (Jun 15, 2006)

Well, what can I say. We started on FP and now it would be a major rework to switch to something else I suspect.


> _Originally posted by SemperFideles_
> Frontpage? Ewww...
> 
> That's a bit limiting. I'm not certain what can be integrated into those. I'm not a big fan of Frontpage extensions.


----------



## Semper Fidelis (Jun 15, 2006)

I'm just giving you a hard time. I'm pretty sure I could hard code a good contact page into it. The only issue would be that it wouldn't be editable in Frontpage.

Is your webmaster proficient in web programming?


----------



## NaphtaliPress (Jun 15, 2006)

No I'm not; hence using FrontPage.


> _Originally posted by SemperFideles_
> Is your webmaster proficient in web programming?


----------



## Semper Fidelis (Jun 15, 2006)

Roger that. Assuming you trust me, I can still help. I'll get with you privately after I find a script that will help.


----------



## NaphtaliPress (Jun 15, 2006)

I like the second idea best; request CC info is a bit extreme for a free CD request. I also like the idea of the verification to cut down on the abusive bots.


----------



## NaphtaliPress (Jun 15, 2006)

Thanks Rich.


----------



## fredtgreco (Jun 15, 2006)

> _Originally posted by SemperFideles_
> I'm just giving you a hard time. I'm pretty sure I could hard code a good contact page into it. The only issue would be that it wouldn't be editable in Frontpage.
> 
> Is your webmaster proficient in web programming?



Rich,

What do you use? I use Dreamweaver. Could I see a copy of the contact script you are talking about?


----------



## Semper Fidelis (Jun 15, 2006)

Oh oh, Dreamweaver, I believe you can get me through the ni-hight...

I use Dreamweaver. I love it's ability to design or code. Honestly though, I'm starting to become a big fan of CMS websites because, even with a good template, large sites become unwieldy.

I told Chris I found a script that will work but it costs money. I'm a cheapskate and I'm going to go on some web forums I frequent to see if anyone has a free script.


----------



## fredtgreco (Jun 15, 2006)

> _Originally posted by SemperFideles_
> Oh oh, Dreamweaver, I believe you can get me through the ni-hight...
> 
> I use Dreamweaver. I love it's ability to design or code. Honestly though, I'm starting to become a big fan of CMS websites because, even with a good template, large sites become unwieldy.
> ...



What's CMS?


----------



## crhoades (Jun 15, 2006)

> _Originally posted by fredtgreco_
> 
> 
> > _Originally posted by SemperFideles_
> ...



Content Management System

Dreamweaver


----------



## Semper Fidelis (Jun 16, 2006)

As Bob the Builder said: Can we fix it? YES WE CAN!!

I figured out a way to do this.

I use the contact form script that I already use:

See here: http://www.ministrywebpage.org/contact-us/contact-us.php

I then set up a feature that comes with my web hosting called Box Trapper. Box trapper is a nice feature just for my e-mail addresses in general. It requires that an e-mail sender verify that they are a human being before the mail will be delivered to me.

I'm not certain if your web hosting account has this feature or not. If it doesn't then I could easily set you up with a personal POP3 e-mail address that you can log into for the express purpose of checking form results. If you want, I can also just create a simple page and externally host the contact form.

A few domain names I own that I could create a custom POP e-mail for you:
crossnet.us
solideogloria.com
soluschristus.com
ministrywebpage.org

We could integrate the externally hosted contact form into your site look and feel so that it's fairly transparent to the user that it's happening. Even if when they request the free resources they just have a popup that takes them to a different domain they don't care as long as they get their stuff.

You might also have boxtrapper on your hosting account. Who do you host with and what hosting account is it?

Honestly, I'd be willing to host you for free and then you'd have the feature for sure. My hosting platform and accounts support Frontpage so you could just upload your web site and then change your nameserver information to point to ns1 and ns2.solideogloria.com and have no down time.


----------



## NaphtaliPress (Jun 16, 2006)

Rich,
FPCR has its on colo server, so I don't know but maybe we can integrate everything required that you propose on it? Email me at [email protected] and let's take this from here and see where we can get. Thanks Rich!


> _Originally posted by SemperFideles_
> As Bob the Builder said: Can we fix it? YES WE CAN!!
> 
> I figured out a way to do this.
> ...


----------

