Who's Online 108 Members, 0 Anonymous, 613 Guests (See full list)
- K Attila
- George Bazz
- Jonatan - Siabyte
- Tienda Joven España
- Elia Besmer
- Angel Moral
- Christian Teheran
- jhonmario acacio
- Peter Petrik
This stream auto-updates
- Past hour
@AmirRzdBecause your solution does not protect anything, it invite hacker to simply adjust the url and continue their attacks. It does harm the entire ecosystem having such unprotected possible target by feeding the interest for hacker to brute scan in case they succeed
You are right and I know @doekia has a point and I understand know why he was mad. All I want to know is if my solution is going to harm the store or not? If it is wrong just because it "might" fail, that is okay with me. When it fails I will try other solutions. But if my solution is going to harm, I really need to know more about that.
Yes you copied my code and claim it a free contribution, but prior version 188.8.131.52, the override as it was written makes shop to simply crash!
You are really stubborn ! Your new url is known the second you publish it. It is the link on your page and it suffice the bot to use ?controller=auth to "discover" your page. You are not only stupid, your are dangerous for the entire ecosystem! DELETE YOUR POST AND TOPIC
factoriadigital replied to doekia's topic in General topicsThis module makes the changes in overrides to apply it on: classes/Validate.php classes/Customer.php You can try it in 1.5. It is a totally free contribution.
desistore.in joined the community
Casper_O replied to doekia's topic in General topics@AmirRzd the reason for your "solution" is not a real solution is, that whoever is doing these fake account registration might be reading in here also and getting clever over time. Same happend with the contact form spam. People tried the same as you tell people to do now, and it failed. When he figure out he should acually just send it to the controller directly instead trying to guess the SEO friendly URL, then your solution is useless. Try visting https://<your-domain.tld>/?controller=auth - it would acually redirect you to the SEO friendly url Also, for now it seems to be a bit by language, who is beeing attacked. But that would change really fast, just like we saw with the contact form spam
What is the purpose of such? Btw the minimal version is 184.108.40.206
pavlenco joined the community
Yes that is possible. For that I did not propose a single alternative. It is working for me and many others around me. Unless I know that my solution is harmful for a PrestaShop store, I think it is okay.
Note: Topic Name was changed from: PRESTASHOP Spam customer account best and simplest solution This solution is as @doekia said not a real solution, and definitely not the best, since it do not prevent the spam, it only slow the process down for a little. If i had to compare it to something, it is like if you are peeing in your pants for warmth in winter. The temporary relief is followed by an even worse predicament.
ThankBooks replied to doekia's topic in General topicsI'm no expert but even I can see how if everyone implemented your proposal, a spammer would soon know what URL to redirect to and start over again.
davidcedillo.126 joined the community
I removed security from the topic. But it is still a solution unless you tell us otherwise since you are an expert. I think we'd better tell everyone why this solution is wrong.
factoriadigital replied to doekia's topic in General topicsHi, Solution with a module here: https://www.factoriadigital.com/prestaforum/threads/solucion-a-registros-fraudulentos-en-prestashop.1557/#post-4294 Regards!
stvaustinez joined the community
que tal @Faby Pena cuando yo sincronizo los WS que me arrojan los datos tiene otro que valida que un dato ya se sincronizo. yo lo valido desde el otro lado para que no me arrojen datos duplicados así dato sincronizado dato que valido para que no se vuelva a insertar. y depende de esta tabla es lo datos que faltan por bajar o subir
miguelsanmx replied to miguelsanmx's topic in PrestaShop Download: instalación, actualización y configuracióngusman126, te agradezco la ayuda pero por ninguna de las opciones pude resolverlo, realmente llevaba muy poco avanzado así que decidí comenzar nuevamente reinstalando todo, de cualquier manera gracias.
I'm mad since your proposal is every thing but security. And what is at stake here is security. Remove your post and your topic - case close
Obviously you have no idea about the Ambassador badge. You are mad at me and I have no idea why. Until you write a helpful comment, I am not going to reply to your comments.
Creating such topic with your ambassador badge + saying "I have a much simpler solution", makes it an argument by authority. Result is absolutely the same you are misleading people
Did I say I am an expert and I know how to code works? You could have just let me and everyone else know what is at stake here. Calm down and let us know.
Hola, Si estáis recibiendo muchos emails de clientes registrados, es cierto que modificando validate.php y customer.php o añadiendo overrides , se puede corregir.Para facilitar esta tarea, desde www.factoriadigital.com hemos creado un módulo que realiza estas correcciones desde el backoffice.Funciona en prestashop 1.6 y en 1.7Lo hemos publicado en este enlace: https://www.factoriadigital.com/prestaforum/threads/solucion-a-registros-fraudulentos-en-prestashop.1557/#post-4294Saludos a todos.
Security by obfuscation is not security And it will take about 3 nanosecond to find your "hidden" url => https://<your-domain.tld>/?controller=auth I don't understand why you concluded you are an expert while you obviously does not comprehend the way the code is running and what's at stake here
domme koppe joined the community
priyank_bolia started following Add reCAPTCHA to Prestashop Version 220.127.116.11 for FREE
priyank_bolia replied to motion2082's topic in Free Modules & ThemesThank you works fine with Prestashop 1.6.17, now no more spam customers registration.