Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

CONTACT US - SPAM AND UNWANTED MAILS


Simo5x5

Recommended Posts

you can write the ip in the .htaccess file in a ban variable if you detect that someone messes with the headers. There are also other threads about the same issue search for contact_us.php

Link to comment
Share on other sites

you can write the ip in the .htaccess file in a ban variable if you detect that someone messes with the headers. There are also other threads about the same issue search for contact_us.php

 

 

Thank you Enigma for your post. :)

write the ip in the .htaccess is a solution, but they can change the ip, and you must know the ip.How can i know it?

Should be a better way to do it.

 

Regards

Simo

Link to comment
Share on other sites

and you must know the ip.How can i know it?
In the Dutch forum this was proposed to add the IP-address to the email (changed code in contact_us.php):

  if (isset($HTTP_GET_VARS['action']) && ($HTTP_GET_VARS['action'] == 'send')) {
   $name = tep_db_prepare_input($HTTP_POST_VARS['name']);
   $email_address = tep_db_prepare_input($HTTP_POST_VARS['email']);
// add IP-address to email:
   $enquiry = tep_db_prepare_input($enquiry . "\n\n IP: " . $_SERVER['REMOTE_ADDR']);

   if (tep_validate_email($email_address)) {
     tep_mail(STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS, EMAIL_SUBJECT, $enquiry, $name, $email_address);

     tep_redirect(tep_href_link(FILENAME_CONTACT_US, 'action=success'));
   } else {
     $error = true;

     $messageStack->add('contact', ENTRY_EMAIL_ADDRESS_CHECK_ERROR);
   }
 }

To ban an IP-address you can change/add to the .htaccess file in your root directory. From IP Ban (.htaccess):

order allow,deny

deny from 122.122.122.122

allow from all

There is plenty information availble on the web regarding the use of .htaccess (for example this .htacces Tuturial).

Link to comment
Share on other sites

simo, almost every time they abuse the contact us page there is a bot behind. Install the vvc contribution then there is the spider bait contribution that you can modify so it can be called from your tep_mail(); filter the input arguments if any of those shows things like bcc: or cc: you call the the function that writes to the .htaccess and bans the ip

 

I have not seen attempts to my mail forms since I placed the vvc and indicates spammers dont want to get chances to come live to your shop.

 

One other thing check if your contact us and other forms pages are indexed by major search engines. You should have noindex,nofollow in your robot meta-tag and modify the form filenames on your site often.

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...