Programmer-how can I solve this problem when I send a text message interface when a PHP website is registered and a POST request is simulated to send a text message?

When a PHP website is registered, how does one solve the problem of simulating POST requests to send text messages through the SMS interface? When a PHP website is registered, how does one solve the problem of simulating POST requests to send text messages through the SMS interface?

Reply content:

When a PHP website is registered, how does one solve the problem of simulating POST requests to send text messages through the SMS interface?

I know two types:
1. Add the csrf_token to the page, and the php CI framework replaces this.
2. Access frequency limit (same ip address limit, same number limit) and so on.

You must have a token to send the text message. For example, add an image verification code.

This is also the practice of most websites.
csrf_tokenIt cannot be broken either. I can use the software to first access the page for generating tokens.

One request and one token are valid once. Set the expiration time. This is what I do now. Failed token verification. Missing tokens are all submitted illegally. If it is more secure, refer to what my buddy said above. It is a very common method. listen to the opinions of other buddies.

1. Add a token to the front end (Graphic verification)
2. Set the request interval between 60 and seconds for the same number.
3. Set the number of requests for the number within one day (6-8)
The same ip address is not recommended. The preceding three steps can block most robots,
The last step is to consider https transmission.
In addition, we recommend a developer-specific text message api: www.shsixun.com.

The current market, there are several new graphics verification scheme, or good, you can look at this: https://luosimao.com/service/captcha