Jump to content

Customer Service Spam Attack HELP!!!

aid-a

By aid-a
in General topics

 Share

Recommended Posts

aid-a Newbie

aid-a

Posted
  • Author
Posted
5 hours ago, bellini13 said:

You need to install something like recaptcha on your contact form and contact controller to help protect against something like this.

Hi, I tried but even if it's a module, I need to paste the code somewhere. I have no idea how to do it.

Link to comment
Share on other sites
aid-a Newbie

aid-a

Posted
  • Author
Posted (edited)
19 hours ago, TinyStore said:

I have the Google No CAPTCHA reCaptcha PRO - ALL module and in the configure you select for it to be active on the contact form.   I haven't had those annoying Russian spammers, knock on wood.

 

I googled this google captcha but there are codes and I have no idea where to put it.... Would it be hard explain the path which documents exactly (it's in filezilla I suppose?) I should modify. Don't want fatal errors without any knowledge. Thanks.
It's the first time in 4 years that I have any spam letters and it's so strange!! 

Edited by aid-a (see edit history)
Link to comment
Share on other sites
DennyG Newbie

DennyG

Posted
Posted (edited)

Hello aid-a!

I recently encountered a similar problem and you topic here helped me to detect the root of it.

Then I found a free captcha module here https://github.com/nenes25/eicaptcha/releases

It is easy to install as any other module and then it tells you what to do.  Now I can see the google reCaptcha in my contact form.

Will see if it helps, heh.

Edited by DennyG (see edit history)
  • Like 1
Link to comment
Share on other sites
TinyStore Newbie

TinyStore

Posted
Posted
On 3/3/2018 at 8:21 AM, DennyG said:

Hello aid-a!

I recently encountered a similar problem and you topic here helped me to detect the root of it.

Then I found a free captcha module here https://github.com/nenes25/eicaptcha/releases

It is easy to install as any other module and then it tells you what to do.  Now I can see the google reCaptcha in my contact form.

Will see if it helps, heh.

I wish I searched for a free module instead of buying one.  Oh well...

Link to comment
Share on other sites
  • 2 weeks later...
texxo Rookie

texxo

Posted
Posted

I have the same issue and i was thinking that maybe the spammers actually know the direct address of the PHP that sends actually the message.

So, my simple idea is:

if we find this .PHP and we rename it and then we rename it everywhere else where it exists inside the prestashop files, will that actually block them?

Example:

lets suppose that the .php that sends the customer message is called customermessage.php

if i rename this to helloworld.php and find the reference for customermessage.php wherever it exists inside prestashop files and rename each and every appearance to be helloworld.php, will that not stop the automatic spamming (if the case is that they just use the customermessage.php).

You think that this would fix it? I cannot believe that someone actually goes to my customer message and sends manually all these spam messages (russian language).

Can anyone think a bit of this and reply? Also, can someone point to the .php file that actually sends the message?

Thank you.

Link to comment
Share on other sites
selectshop.at Newbie

selectshop.at

Posted
Posted

Yes, by renaming the file you can fix the problem as well. There are several topics treating this problem you can read:

https://www.prestashop.com/forums/topic/659477-prestashop-161-russia-mails-spams-in-sytel-of-prestashop-contact-form/?do=findComment&comment=2678494

https://www.prestashop.com/forums/topic/682297-delay-sending-message-from-contact-form/?do=findComment&comment=2713236

Link to comment
Share on other sites
jetway Newbie

jetway

Posted
Posted (edited)

well, install recaptcha, this will solve the biggest problem. I recommend installing the normal recaptcha and not the invisible one. I have noticed that some spamming ips are currently not looked at as spam and they might be able to send you one or more messages. The attack is pretty easy to stop without recaptcha.. I have update my controller with a few lines and its all solved. i will not say how on the form to prevent frauds from trying to bypass.

Anyways..another simple solution is to place a hidden input field on your form and just say if the field is filled in its spam., I bet this would solve your problem straight out. 

Edited by jetway (see edit history)
Link to comment
Share on other sites
bellini13 Newbie

bellini13

Posted
Posted

Removing the ability for a customer to contact you is not a good solution.  Stop wasting time trying to change the contact us page or adding redirects, spammers will just locate the new page, or simply just bypass your changes and hit your server directly

Properly install recaptcha on both the form client side, as well as the server side controller, and the spam will stop.

Link to comment
Share on other sites
David S Johnston Newbie

David S Johnston

Posted
Posted

About three weeks ago I also started receiving Spam from mail.ru. I have installed the free eicapture module, and although the spam has decreased from 50+ per day, I am still getting a few. So I am not sure how they are doing this. from what I have read they bypass the contact form altogether and target the contact controller directly.

Presuming I have installed the module correctly (it shows up in my contact form, and if I do not confirm that I am not a robot, no mail is sent) the spammer must have a different way of abusing the system.

Is there a definitive solution to this problem?

Dave.

 

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing
×
×
  • Create New...