[asterisk-users] how to stop web Click to Call fraud, robots, etc
Chris Earle
cearle at cbltech.ca
Wed Jul 16 13:05:06 CDT 2008
Hi all,
I'm writing some code to do a web 'click to dial' sort of thing. Where the
surfer puts in their number and some php/asterisk API code Originates a call
out to them and connects them to an internal extension.
But this raises a number of security/nuissance issues:
I'm well aware that the numbers entered should be validated for local
dialing etc....
But...
*What if a robot hits the page, fills out the form with a legit number, and
effectively causes a prank call out to some poor soul?
*invalid area codes? how to deal with? Check against a list of valid ones?
That's all I can think of right now. Can all these issues be dealt with by:
1 -- a sort of easy route, add a CAPTCHA to the web form
2 -- compare against lists, or somehow do asterisk dialplan logic to stop
....well....how could you stop legit numbers?.... :-S
Ideas, suggestions appreciated!!
--
--
Chris Earle
More information about the asterisk-users
mailing list