Hi,

Actually I have one website running on my webserver. This site contains one textbox on an aspx page. I have a server side validation for this textbox.

But I get following exception:

Exception Type:        System.Web.HttpException
Exception Message:     Unable to validate data.
Exception Source:      System.Web
Exception Target Site: GetDecodedData

Actually some spammer try to put following data into textbox thats why the errors are comming:

Hi everybody! Wanna see my cool pages? Please visit my homepage too:
<a href= http://celexa.ne1.net/index.html >celexa drug</a> celexa drug <a href= http://celexa.ne1.net/celexa-side-effects.html >celexa withdrawal</a> celexa withdrawal <a href= http://celexa.ne1.net/celexa-weight-gain.html >celexa side effects</a> celexa side effects <a href= http://celexa.ne1.net/celexa-withdrawal.html >celexa side effects</a> celexa side effects <a href= http://celexa.ne1.net/celexa-anxiety.html >celexa</a> celexa <a href= http://celexa.ne1.net/buy-celexa.html >buy celexa</a> buy celexa
                                 
Is there any possible way to stop that type of spamming.

Thank you

Strip out HTML, use a CAPTCHA technique to fool spambots and use the same method used on your post here -- Moderation.  Comments get reviewed, no comments without registration including valid email and spam gets your account locked.

Jeff

More information on CAPTCHA:

http://www.codeproject.com/aspnet/CaptchaControl.asp
http://www.aspnetworld.com/articles/2004030101.aspx
http://15seconds.com/issue/040202.htm

Jeff

I'm with Jeff, CAPTCHA is probably the best option in the way of defending against comment spam. Stripping HTML might be nice, but it won't stop the spam. One other option I might pose to you is to take a look at the ASP.NET AJAX Toolkit's NoBot control. This attempts to identify bots without requiring user interaction. I haven't used it, but it might be worth a look.

http://ajax.asp.net/ajaxtoolkit/NoBot/NoBot.aspx