Hi there

My client's mail server is being swamped by bounce-back messages from the form, each one with their 11MB brochure attached, because no recipient was specified.

I did a test and found that if I linked directly to the php script that this extension creates when creating a mail form, it triggers it with no recipient (or any other data from the form) specified and then bounces back to the host server.

example of the sort of link that is vulnerable to this: www.domainname.com/dmxConnect/api/testform.php

Is there any way I can protect this script from being directly linked to?

thanks in advance
Bruce

Hi Bruce,
You need the Form Validator to protect your form and server action.

To prevent unwanted script triggers online, examine browser extensions for potential culprits and disable or remove them. Adjust browser settings to block used trimble r10 receiver pop-ups and scripts from untrusted sources. Consider installing reputable antivirus software to detect and block malicious scripts. Finally, clear browser cache and cookies regularly to maintain optimal performance and security.