Php mail script being activated by bots

General PHP Help
#1

I have two php scripts which send out mail to a group and are executed by site admin from a password ptotecetd menu, but the scripts keeps getting activated by bots scarping the site.

I have tried to set a robots.txt file in the domain root as follows

User-agent: *
Disallow: /Monibot/ # This is an infinite virtual URL space
Disallow: /.index_cron.php
Disallow: /de/component/customfilters/
BrowserMatchNoCase "Monibot" bots

Order Allow,Deny
Allow from ALL
Deny from env=bots
User-agent: *
Disallow: /

The robots.txt has no effect,
Next I set the two php scripts permission to 600 with no effect.
What I want to do is turn off the whole domain to bots can anyone suggest how to do this effectively.

#2

You should be using a post method form when performing an action on the server and the code on each page must enforce user authentication and query to get the current user’s permissions/role to control what the user can do and see on that page.

#3

I am not using a form it is a mail send, my host suggested this
What about moving that file completely out of your public_html folder? Then it’ll be completely separate and won’t be scrapable.

But how can I access the php outside of the public_html folder?

Sponsor our Newsletter | Privacy Policy | Terms of Service