Remove auto reply on contact form?

[baggen]

Hi,

Is there any way to remove auto reply prestashop sends as a reply to mail from contact form? Im currently getting alot of russian spam mails trough contact form and then store tries to auto reply to these fake email adresses and causes a mess.

Best regards

[bellini13]

The right solution is to install recaptcha on your contact form and contact controller to help prevent malcious form submissions

[Wyrmwood9]

I too am having this problem and have spent many hours on it. I have installed a captcha, and have the site access via CloudFlare, but nothing has worked so far. The attacks come from a range of IP address all over the world (often via Proxies), but appear to be specifically in Russian. 

My access logs show that they just target the contact form (and often no other pages are accessed). Often too are attempts access other installations/types of contact forms (that I don't have installed), and of course the usual hacking attempt searches for pages with vulnerabilities.

blocking emails from mail.ru would certainly cut down a significant number of them, but it really is only a stopgap. 

Sorry I can't help - looking forward to someone who can provide a solution to this problem that I'm sure many Prestashop stores are suffering from.

*update* I'm going to try blocking emails from mail.ru via my cpanel, and rename the contact form using SEO friendly URL (under Shop Parameters -> Traffic & SEO ) 

Edited April 2, 2018 by Wyrmwood9 (see edit history)

[bellini13]

11 hours ago, Wyrmwood9 said:

I too am having this problem and have spent many hours on it. I have installed a captcha

explain exactly what you have done to install recaptcha (in detail). 

Most people only install the client side code in the contact form, and do not follow instructions for the server side portion.  So while the recaptch appears on the contact us page, it useless since the contact us page can be completely bypassed and anyone can send the server side request.

so explain in detail how you installed recaptcha, and then i can tell you where you went wrong

[doekia]

Try this it should kick off all bots

http://area51.enter-solutions.com/snippets/74

[bellini13]

2 hours ago, doekia said:

Try this it should kick off all bots

http://area51.enter-solutions.com/snippets/74

bots and malicious people don't use your contact us page, they completely bypass it and submit to the contact controller URL, so the above solution is kind of pointless.

[doekia]

13 minutes ago, bellini13 said:

bots and malicious people don't use your contact us page, they completely bypass it and submit to the contact controller URL, so the above solution is kind of pointless.

 

Really, try it and let me know if you have any bot that succeed after you have apply it.

Prior dismissing a solution, it would be wise you test/read/comprehend it

[Eolia]

il y a 18 minutes, bellini13 a dit :

bots and malicious people don't use your contact us page, they completely bypass it and submit to the contact controller URL, so the above solution is kind of pointless.

 

Have you really read this? http://area51.enter-solutions.com/snippets/74

if (isset($_REQUEST['submitMessage']))
    { if (empty($_REQUEST['g-recaptcha-response'])){
        ....