Jump to content

[FREE MODULE] User Verification - Block Spam Accounts


endriu107

Recommended Posts

This is very first version of the module, it will be developed and new verification options will be added. Currently, the module only checks two things, it compares name and surname. If both are identical, it does not allow you to create an account in the store. Module aslo check letters in firstname and lastname, if it's unusual it will also block spammer to create account.

 

Accounts like below will not be created in store.

image.png

 

***New version 1.0.1***

in version 1.0.1 there is new option checking letters, lowercase and uppercase.

Firstname or Lastname like: mcdonald, Mcdonald, McDonald, MCDONALD, mCDONALD, mCdONALD are valid and allow to create account, but Firstname or Lastname like: McDoNald, mCdOnALD, MCDonald, McDonalD etc. aren't valid and user can't create account.

It also should block account like that:

image 1.gif

 

***New version 1.0.2***

In this version was added verifictaion for firstname and lastname that their are same even then some letters are lowercase or uppercase in fistname and not in lastname.

Before user with first and last name like: Andrew andreW was able to create account, now he will be blocked.

 

If you have any suggestions for validating a customer account, please post below. All suggestions will be considered and the best ones implemented into the module.

It should work with prestashop 8.X and lower like 1.7.8 not tested with lower version then 1.7.7

 

wfeuserverification1.0.0.zip

wfeuserverification1.0.1.zip

wfeuserverification1.0.2.zip

 

  • Like 6
Link to comment
Share on other sites

***New version available 1.0.1***

in version 1.0.1 there is new option checking letters, lowercase and uppercase.

Firstname or Lastname like: mcdonald, Mcdonald, McDonald, MCDONALD, mCDONALD, mCdONALD are valid and allow to create account, but Firstname or Lastname like: McDoNald, mCdOnALD, MCDonald, McDonalD etc. aren't valid and user can't create account.

It also should block account like that:

 

image 1.gif

 

Module available for download in first post.

Link to comment
Share on other sites

Hi!

Many thanks for this free module!

Does it work with the latest PS 8.1.2?

I am having some issues with receiving several emails per day to the shops email inbox, they all have the subject:

Undeliverable: [PRESTASHOP WEBSITE NAME] Email verification

It seems that bots are trying to register or "something" but their email addresses are not valid, so they cannot verify. Maybe it has to do with the newsletter module?

Best regards,

Link to comment
Share on other sites

Have fun with bots :)I defeated them a month ago with small controller override. I feel sorry for people who can't do anything about it. I advise you to check for a bot and not for your first and last name. At first, check $_SERVER variables, USER_AGENT... etc... then make table with IP/email deny. Good luck.

Link to comment
Share on other sites

Probably in next release will be added DB logger with firstname, lastname, email address and IP address. I consider to add two buttons one with add IP to blacklist and second button with create account action, that in case when validation will block real user for some reason.

Using USER_AGENT can help but it is not perfect solution, spammer can easli manipulate it.

Link to comment
Share on other sites

Most of bots never use user_agent and headers like Accept-Language, no referrer, no PHPSESSID in cookies etc... Based on headers and $_SERVER vars and cookies you can filter up to 99 percent of bots... Just create script-logger on production who logs headers, server and cookies and analyze logs...

I write bots myself and also successfully escape from them))) and believe my many years of experience: it is completely impossible to completely protect yourself with a module, if no hooks for this. All that remains is to use overrides. But of course, the module can weed out most bots.

Link to comment
Share on other sites

***New version 1.0.2***

In this version was added verifictaion for firstname and lastname that their are same even then some letters are lowercase or uppercase in fistname and not in lastname.

Before user with first and last name like: Andrew andreW was able to create account, now he will be blocked.

 

Module available for download in first post.

Link to comment
Share on other sites

One of my shops is receiving a lot of fake newsletter subscriptions where I get bounce mails with errors such as this:

[email protected]>: host gmail-smtp-in.l.google.com[142.250.107.26]
    said: 550 5.2.1 [ERN] Recipient is receiving email too quickly. (in reply
    to RCPT TO command)

(I have replaced text before @gmail.com). The module does not prevent this, as all email addresses are legit i.e. different gmail.com accounts.

So this is just to inform poster Jontee that the module will not resolve this.

Link to comment
Share on other sites

  • 1 month later...
  • 3 weeks later...
  • 1 month later...
  • 4 weeks later...

I just wanted to check if this module was still available anywhere? Looks to be exactly what I'm after, as our website has recently started to get hit daily with spam users using this kind of configuration with upper and lower case first names and surnames.

Would be great to get a copy of the module though, as it currently says it's now seems unavailable sadly!

Link to comment
Share on other sites

Ahh awesome! Of course, I've just seen that now that I'm finally a user on here that the download is available! Thank you for that and apologies for the amateur question!

Hopefully this should do exactly what we need in terms of stopping those bots... thank you for the effort in this!

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...