Protection of the landing page from spam using a CSRF token
Task: Protect the form on the landing page from automated spam and unwanted actions by malicious actors. The main focus was on implementing a protection mechanism against CSRF (Cross-Site Request Forgery) attacks.
Implemented steps:
1. Adding a CSRF token to the form:
Each form on the site receives a unique CSRF token, which is generated on the server.
The token is added as a hidden field in the form, which is sent along with the form data.
2. Validating the CSRF token on the server:
Upon receiving the form data, the server checks for the presence of the CSRF token.
The submitted token is compared, using a constant-time comparison, with the value stored in the user's session; a request with a missing or non-matching token is rejected before any form data is processed.
3. Token renewal mechanism:
After each successfully validated submission, the CSRF token is regenerated, so a token captured from an earlier response cannot be replayed against the form.
4. Testing:
Thorough testing of the form was conducted to check its resilience against CSRF attacks.
Additionally, the functionality was tested with various browsers and user configurations.
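The three steps above, as one added PHP example that is not the project's own code. It assumes a single-file form handler with PHP sessions enabled; the session key, hidden-field name and the redirect target /thanks.php are assumed names chosen for the illustration.

```php
<?php
// Added example (not the project's code): CSRF token generation, embedding
// and validation for a PHP landing-page form.
// Assumptions: PHP >= 7.0, sessions enabled, single-file handler.

declare(strict_types=1);

session_start();

const CSRF_SESSION_KEY = 'csrf_token';   // assumed session key name
const CSRF_FIELD_NAME  = 'csrf_token';   // assumed hidden-field name

/** Return the session's current token, creating one if none exists (step 1). */
function csrf_token(): string
{
    if (empty($_SESSION[CSRF_SESSION_KEY])) {
        // 32 bytes from the CSPRNG, hex-encoded: unguessable, 64 characters.
        $_SESSION[CSRF_SESSION_KEY] = bin2hex(random_bytes(32));
    }
    return $_SESSION[CSRF_SESSION_KEY];
}

/** Hidden input to place inside every <form method="post"> (step 1). */
function csrf_field(): string
{
    return '<input type="hidden" name="' . CSRF_FIELD_NAME . '" value="'
        . htmlspecialchars(csrf_token(), ENT_QUOTES, 'UTF-8') . '">';
}

/**
 * Validate the submitted token against the session copy (step 2).
 * hash_equals() runs in constant time, so response timing does not reveal
 * how many leading bytes of a guessed token were correct.
 */
function csrf_validate(array $post): bool
{
    $expected  = $_SESSION[CSRF_SESSION_KEY] ?? '';
    $submitted = $post[CSRF_FIELD_NAME] ?? '';
    if (!is_string($submitted) || $expected === '' || $submitted === '') {
        return false;   // missing token: reject, never fall through
    }
    return hash_equals($expected, $submitted);
}

/** Replace the token after a successful submission (step 3). */
function csrf_rotate(): void
{
    unset($_SESSION[CSRF_SESSION_KEY]);
    csrf_token();
}

if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    if (!csrf_validate($_POST)) {
        http_response_code(403);
        exit('Invalid or missing CSRF token.');
    }
    // ... handle the lead form (validate fields, send mail, store lead) ...
    csrf_rotate();
    header('Location: /thanks.php', true, 303);   // assumed redirect target
    exit;
}
?>
<!doctype html>
<form method="post" action="">
  <?= csrf_field() ?>
  <label>Email <input type="email" name="email" required></label>
  <button type="submit">Send</button>
</form>
```

Two practical notes: set the session cookie with SameSite=Lax (or Strict) and Secure so the browser itself refuses to attach it to cross-site POSTs, and keep in mind that a token only blocks bots that post straight to the handler; a bot that fetches the page first receives a valid token, so spam on a public form still needs rate limiting or a honeypot field alongside the CSRF check.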
Result:
Reliable protection of the form against CSRF attacks has been implemented.
The number of spam requests has been reduced, since a bot that posts directly to the handler without first loading the form has no valid token.
User data protection has been ensured, which has increased trust in the landing page among its clients.
Technologies used:
HTML, PHP, JavaScript