Introduction¶

What does it do?¶

This is a guestbook built on extbase. It uses several mechanisms for spam prevention:

• Honeypot fields
• Minimal form submission time (spambot prevention)
• Unique hash for every form post (prevent post replay by spam bots and makes faking the timestamp impossible)
• Form html scramble (can be disabled in TS constants)
• Security question: user has to solve a simple random addition (can be disabled in TS constants)
• New entries can be stored hidden to allow redactional review by email before publishing (can be enabled in TS constants)
• Email-review of new entries (can be enabled in TS constants). Links in the mail allow to decide if the post is spam or not.
• Block IP’s of entries marked as spam (can be disabled in TS constants)
• If the field “url” is used, links in the guestbook list view are generated with the

attribute “rel” set to “nofollow”. This makes spamming uselesss, as search engines will not follow the link.

Available fields for a guestbook entry record are:

• name
• first name
• place (city)
• email
• url (visitor’s website)
• message
• comment (for editor’s comment)

Also each guestbook entry uses these fields for spam prevention:

• is spam: checked if the entry is spam
• remote ip: stores the ip of the poster
• post hash: unique hash for every form post, will be stored to detect POST-replay

By default IP’s of entries marked as spam will be blocked for further posts.