Master Syndicator

If you write articles, Master Syndicator will enable you to syndicate your content. You simply copy and paste your article into a form and click on submit. Your article will instantly be ready for syndication. To display your content, webmasters will need to place two small lines of JavaScript within their web page where they'd like article to display. Each time you update your article, every web site using your code will automatically be updated.

The Master Series scripts can be found here: http://hop.clickbank.net/hop.cgi?wsnet/willmaster

WebBBS

This great script will enable you to set up your own forum. Unlike most bulletin board scripts, WebBBS stores messages as simple text files and creates HTML pages as needed.

This great script supports automatic quoting of message text and email notification of those who want to be informed of new posts. http://awsd.com/scripts/webbbs/index.shtml

WebAdverts

Set up a rotating banner system on your web site and track response rates. WebAdverts will enable you to not only set up a rotating banner system, but if you'd like, you can set up your own banner exchange. Banners can be displayed on your pages using SSI tags, IFRAME tags, or standard IMG tags.

The great thing about this script is that you can include banners on CGI-generated pages. In addition, you can filter banners by allowing certain banners to appear only on certain pages. This script is a little complicated, but well worth it. http://awsd.com/scripts/webadverts/index.shtml

Links

If you've ever wanted to set up a directory, this great script will make it simple. It is modeled after Yahoo and inspired by The CGI Resource Index. It can be completely customized to match look and feel of your web site. http://www.gossamer-threads.com/scripts/links/

POD

The Personal Open Directory script will enable you to pull contents of Open Directory Project into your own web pages. It is completely customizable and will enable your visitors to have access to this great directory without leaving your web site. http://grohol.com/downloads/pod/dmoz/

Learn more about CGI: http://www.howstuffworks.com/cgi.htm

Locate CGI Scripts: http://cgi.resourceindex.com/Programs_and_Scripts/Perl/

If you're not utilizing full benefits that CGI has to offer, you're missing boat. Not only will it save you a great deal of time, but it will also process your information around clock. Scripts can assist you in making your web site an interactive community and bring your site to life.

The spammer essentially "hijacks" FormMail CGI routine and causes it to send out emails as fast and furiously as they can. I know of one instance where a spammer sent over one million emails in a single day before someone noticed that their web server was going very slowly (I wonder how long it would have taken had spammer tried limiting load on server so it didn't show up as much). What happens here is very simple. The FormMail CGI routine is simply called remotely by spammer, once for each spam email that he wants to send.

Ah, you say, but you could code FormMail routine to check referrer field. This would surely prevent a spammer from using it remotely, as his referrer would not be website URL.

Sorry, no. The referrer field is actually a text string passed to CGI routine by browser. The spammer is most likely using a program which appears, to your web site, to be just another browser. Since spammer controls program he can code it to send CGI routine whatever value he wants for referrer field.

As it turns out, it is very difficult to make a CGI routine such as FormMail even relatively secure, and it may be impossible to make it bullet-proof. All you can do is check enough things and put in delays here and there to slow down and discourage spammers.

You could, for example, only allow one posting per IP address per hour. You could also check referrer just to block out more ignorant spammers. I suppose you could count number of times routine is called, and have it just stop working after a certain amount. For example, only allow one hundred calls per day from anywhere.

The point here is not to tear apart FormMail routine. The goal is to show how difficult it can be to make anything secure on internet, and demonstrate that some assumptions (that referrer field is a valid check) may not be true in all cases.

What do you do? Before you implement any CGI or similar interface, be sure and do a little research to be sure you completely understand and handle ramifications. If you don't do this, you may find yourself victim of a hacker or spammer.