Jack_mcs (Author), posted June 14, 2018

This isn't a question that should be asked in a support thread. You may want to open a new one. But I'll reply to it just this once. If you renamed the file create_account.BAK.php, it is still usable. If it was renamed create_account.php.BAK, it wouldn't be. But there is also the possibility the Purchase Without Account addon is installed and it may use its own create account file. Or the hacker has gained access to the database, or admin if create orders is installed, and did it that way. There are probably other possibilities but without knowing more about the site, I can't say.

Signature: Support Links: For Hire: Contact me for anything you need help with for your shop: upgrading, hosting, repairs, code written, etc. Get the latest versions of my addons. Recommended SEO Addons.

douglaswalker, posted October 28, 2018

Hi there,

I have been trying out the honeypot on my site and have it set up with not allowing urls. I have tested it and if I try to use a url it is blocked. However, this morning I received spam with urls in it. I am a bit puzzled. I wondered if you could offer any ideas as to what may be going on.

Doug

douglaswalker, posted October 28, 2018

Did a bit more investigating. When I turned off JavaScript I could add urls to my enquiry and the email was sent. Is this as expected or have I missed something?

Warm regards,
Doug

Jack_mcs (Author), posted October 28, 2018

@douglaswalker The settings you mention only apply to the contact us page. If you have made the required change to the contact us page then even if the javascript code was not added to the site, it would stop those emails since the php in the code is checking the message. So it sounds like you may have missed that change.

douglaswalker, posted October 28, 2018

Hi there,

You are exactly right. I missed the folder with the upgrade instruction. My apologies. All is now working. Thank you for your quick answer. I will look a bit more carefully next time.

Doug

greasemonkey, posted December 14, 2018

@Jack_mcs hey Jack, I'm trying this addon out to help reduce a number of spam accounts being created - and hoping not to have to resort to a captcha solution. So far it hasn't helped with this specific spammer - he's skipping the new hidden field. I presume it will help prevent future spammers however......

I'm wondering if changing your code around slightly may work? So far, every spam account created has the company name "google" - all lower case without the quotes. Do you think adding an id=google to the company entry could work (I have no worry, Google is not my customer... lol) and if so - how could I validate that it says google?

    <script type="text/javascript">
    function validateMyForm(create_account) {
      var ok = check_form(create_account);
      if (! ok) return false;
      return IsSpammer();
    }

    function IsSpammer() {
      if(!document.getElementById("google").value) {
        // The field is empty, submit the form.
        return true;
      } else {
        // the field has a value it's a spam bot
        return false;
      }
    }
    </script>

Jack_mcs (Author), posted December 14, 2018

That wouldn't work as it is. The getElementById( function is checking this line

    <input type="text" name="honeypot" id="honeypot" />

The id in that line is honeypot and your change is telling the code to look at the line that has an id of google. So if you want to make that change you would need to change the above to

    <input type="text" name="honeypot" id="google" />

But I think what you want to do is check for the company so change this

    if(!document.getElementById("honeypot").value) {
      return true;
    }

to

    if(!document.getElementById("honeypot").value) {
      return true;
    } else if ((document.getElementsByName("company")[0].value) == 'google') {
      return true;
    }

I haven't tested it but I think it will do what you want.

greasemonkey, posted December 14, 2018

@Jack_mcs thanks so much... so this?

    function IsSpammer() {
      if(!document.getElementById("honeypot").value) {
        // The field is empty, submit the form.
        return true;
      } else if ((document.getElementsByName("company")[0].value) == 'google') {
        return true;
      } else {
        // the field has a value it\'s a spam bot
        return false;
      }
    }

Jack_mcs (Author), posted December 15, 2018

Yes, that's correct.

greasemonkey, posted December 17, 2018

On 12/14/2018 at 9:12 PM, Jack_mcs said:
> Yes, that's correct.

Can't quite get this working, Jack. Sorry to bug you for any more assistance - here is the HTML for the Company Name

    <div class="form-group">
      <label for="inputCompany" class="control-label col-sm-4">Company Name</label>
      <div class="col-sm-8">
        <input type="text" name="company" id="inputCompany" placeholder="Company Name" class="form-control" /><!-- BOF Separate Pricing Per Customer: field for tax id number <!-- EOF Separate Pricing Per Customer: field for tax id number -->
      </div>
    </div>

And the IsSpammer function, I'm not sure... but it's still validating the form with or without the company name being "google". For the value I've tried both "google" and \'google\'.

    function IsSpammer() {
      if(!document.getElementById("honeypot").value) {
        // The field is empty, submit the form.
        return true;
      } else if ((document.getElementsByName("company")[0].value) == \'google\') {
        return true;
      } else {
        // the field has a value it\'s a spam bot
        return false;
      }
    }

Jack_mcs (Author), posted December 17, 2018

The return value is wrong. Change

    } else if ((document.getElementsByName("company")[0].value) == \'google\') {
      return true;

to

    } else if ((document.getElementsByName("company")[0].value) == \'google\') {
      return false;

greasemonkey, posted December 20, 2018

On 12/17/2018 at 11:36 AM, Jack_mcs said:
> The return value is wrong. Change
>
>     } else if ((document.getElementsByName("company")[0].value) == \'google\') {
>       return true;
>
> to
>
>     } else if ((document.getElementsByName("company")[0].value) == \'google\') {
>       return false;

Wow, this spammer just won't go away.... I'm not sure you can help me any more @Jack_mcs

I'm currently trying to use the pattern variable with a negative regex on the company input to validate the form - it works when I test it:

    pattern="^(?!google$).*"

But he is still able to get around it - or at least able to create the account. Looking at Track Delivery in cPanel the email is still going out and being received.

Jack_mcs (Author), posted December 21, 2018

I don't think that is a good approach to the problem. Even if you get it to work, he might decide to start using Bing as a company and that will break the script. In the latest version of View Counter (not released), I record the person's IP when an account is created. Then if that IP is used to create another account and if the time between the two is too small, as decided by a setting, the account is denied and the IP is emailed to the shop owner in case he wants to ban that IP. I've run across this problem many times before and, in my experience, the only thing that is consistent each time is the IP.

greasemonkey, posted December 21, 2018 (edited)

@Jack_mcs thanks again Jack, this is going off topic for your support thread... Mods, please feel free to move this to its own discussion.

Yes, the bot is clearly not using a "browser" anyway to input the values so using a regex HTML5 form to validate is, as you suggest, not a good idea.

I deliver the site via Cloudflare, so I'm a little surprised they can even get to the site - almost every Proxy IP I've tried from eastern EU lands on Cloudflare's reCaptcha2 page.

SOOO, what I have succeeded in doing so far is pissing the spammer off! They've gone from creating 2-4 accounts per day to 2-4 accounts per hour.

Good news, on the create account page I use GEO targeting to enter the Country by IP - so (I think) I'm getting an accurate country for each account. I'm now using htaccess (with Cloudflare's CF-IPCountry) to block large areas of the world like:

    SetEnvIf CF-IPCountry RU BuzzOff=1
    SetEnvIf CF-IPCountry TR BuzzOff=1
    SetEnvIf CF-IPCountry FR BuzzOff=1
    SetEnvIf CF-IPCountry KE BuzzOff=1
    SetEnvIf CF-IPCountry MO BuzzOff=1
    SetEnvIf CF-IPCountry NL BuzzOff=1
    SetEnvIf CF-IPCountry HU BuzzOff=1
    SetEnvIf CF-IPCountry MN BuzzOff=1
    SetEnvIf CF-IPCountry FR BuzzOff=1
    SetEnvIf CF-IPCountry ZA BuzzOff=1
    Order allow,deny
    Allow from all
    Deny from env=BuzzOff

So far so good.... I add a new country every time they create an account.... 99.8% of our business is from Canada and USA - so no worries really..... but would like to think this is temporary.

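Added example, not from any poster in this thread and not the addon's code: the honeypot and company-name checks from the posts above, enforced in PHP on the submitted data so that they still apply when the request never passes through a browser. The field names "honeypot" and "company" are the ones shown in the thread; the function name and the blocklist are assumptions.

```php
<?php
// Added example, not the addon's code. The field names "honeypot" and
// "company" are the ones shown in this thread; the blocklist is constructed.

/** Reasons a create-account POST should be rejected (empty array = accept). */
function spam_reasons(array $post, array $blockedCompanies): array
{
    $reasons = [];

    // A browser submits every text input of the rendered form, empty or not,
    // so a request without a string "honeypot" value did not come from it.
    $honeypot = $post['honeypot'] ?? null;
    if (!is_string($honeypot)) {
        $reasons[] = 'honeypot field missing or malformed';
    } elseif (trim($honeypot) !== '') {
        $reasons[] = 'honeypot field filled in';
    }

    // Normalise before comparing so "Google " and "GOOGLE" match as well.
    $company = $post['company'] ?? '';
    $company = is_string($company) ? strtolower(trim($company)) : '';
    if ($company !== '' && in_array($company, $blockedCompanies, true)) {
        $reasons[] = 'blocked company name';
    }

    return $reasons;
}

// Constructed sample requests, as they would arrive in $_POST.
$samples = [
    'browser, genuine customer' => ['honeypot' => '', 'company' => 'Acme Ltd'],
    'bot filling every field'   => ['honeypot' => 'x', 'company' => 'Google '],
    'bot omitting hidden field' => ['company' => 'google'],
];
foreach ($samples as $label => $post) {
    $reasons = spam_reasons($post, ['google']);
    echo $label, ': ', $reasons ? 'reject (' . implode('; ', $reasons) . ')' : 'accept', PHP_EOL;
}
```
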
greasemonkey, posted December 21, 2018

10 minutes ago, greasemonkey said:
> so (I think) I'm getting an accurate country for each account.

lol nope, just had an account created with Russian Federation as country and Ukraine as IP. Working on installing @burt action recorder to get the correct IP...

♥John W, posted December 21, 2018 (edited)

There was a thread on this in the cPanel forums and some of the IPs will blur like that but you won't likely have any that show Russia or Ukraine that are CA or US.

Signature: I'm not really a dog.

osComMarket, posted December 22, 2018

No honey pot needed, use google. They covered the issue.

mcbsolutions, posted December 24, 2018

Thanks for this add on, Jack. It has cut down a lot on spammers and works well for me. I would like to block any spammer using gmail.com. Could you shed some light on how to add this in? Thank you.

Jack_mcs (Author), posted December 26, 2018

On 12/24/2018 at 11:03 AM, mcbsolutions said:
> any spammer using gmail.com

The following code will block any emails from gmail but if you truly mean to block "any spammer" from gmail, I don't think that is possible since spam can be a simple message saying "hello". But to block all emails from gmail, find

    if (!tep_validate_email($email_address)) {

and change it to

    $fail = (strpos($email_address, 'gmail') !== false ? true : false);
    if ($fail || !tep_validate_email($email_address)) {

Jack_mcs (Author), posted December 31, 2018

A new version has been uploaded with these changes:

- Changed the url search code to only look at the protocol and to check for named protocols.
- Changed the position of the error variable to make it global for the contact us page for pre-2.3 shops.
- Removed global option search that could fail in some cases.

The first change is an important one because Russian spammers are starting to use the tld рф. There will probably be more to follow as the use of such TLDs increases. The change to the code makes it so TLDs are ignored so any url should be caught now. Please report any emails that get through with URLs.

puddlec, posted January 21, 2019

Recently installed this, and it has blocked most of the URLs coming through. The ones it did not stop just had the domain name in, e.g. instead of something like https://www.oscommerce.com they would just put oscommerce.com

Signature: Phoenix support now at https://phoenixcart.org/forum/ App created for phoenix: TinyMCE editor for admin

Jack_mcs (Author), posted January 21, 2019

I thought I had tested that possibility but maybe not. But to be clear, the blocking of URLs only occurs on the contact us page. If that is where the email was submitted, please show the actual contents of the email so I can test it here. You can change the domain name if you like.

puddlec, posted January 21, 2019

One message was in Russian (I think) with the email at the end in the same format as above. The other two had "Hey Look what we possess in the service of you!", then some other text, then ended with the url.

I have noticed since installing this on Thursday afternoon that the spammers have changed from having the http:://ww. part in, to removing it (could just be different spammers). Only had three so far.

I sent a PM with the actual emails in them.

Jack_mcs (Author), posted January 21, 2019

Thanks for that. I tried it here and it got through as you said. I'll change the code to fix that in the next version.

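Added example, not from any poster in this thread and not the addon's code: one way a contact-form message can be screened for the cases reported above, namely a protocol prefix, a link on a non-Latin TLD such as рф, and a bare domain with no protocol at all. The function name, rule names and the list of named protocols are assumptions, and the sample messages are constructed.

```php
<?php
// Added example, not the addon's code. Rule names and the named-protocol
// list are assumptions; the sample messages are constructed.

/** Return [rule => first matching text] for every URL-like rule that fires. */
function find_url_like(string $text): array
{
    // With the /u flag preg_match() returns false on malformed UTF-8, which
    // would look like "no URL found", so reject such input outright.
    if (preg_match('//u', $text) !== 1) {
        return ['invalid utf-8' => ''];
    }
    $label = '[\p{L}\p{N}][\p{L}\p{N}-]*';
    $rules = [
        // Any scheme followed by "://", whatever the host or TLD.
        'scheme'      => '~\b[a-z][a-z0-9+.-]*://\S+~iu',
        // Named protocols that are written without "//".
        'named'       => '~\b(?:mailto|tel|sms|skype):\S+~iu',
        // Bare host name: dotted labels ending in a 2+ letter TLD in any
        // script (so "рф" counts), not part of an e-mail address.
        'bare domain' => '~(?<![\p{L}\p{N}@.-])(?:' . $label . '\.)+\p{L}{2,}(?![\p{L}\p{N}@])~u',
    ];
    $hits = [];
    foreach ($rules as $rule => $regex) {
        if (preg_match($regex, $text, $m) === 1) {
            $hits[$rule] = $m[0];
        }
    }
    return $hits;
}

// Constructed sample messages.
$samples = [
    'Visit https://www.example.com/offer today',
    'Look what we have for you! example.com',
    'Смотрите пример.рф',
    'My order total was 3.50, please call me. Thanks',
    'Reply to first.last@example.com',
    "Broken bytes \xC3\x28 example.com",
];
foreach ($samples as $message) {
    $hits = find_url_like($message);
    echo $hits ? 'block  ' : 'allow  ', json_encode($hits, JSON_UNESCAPED_UNICODE), PHP_EOL;
}
```

The bare-domain rule also fires on a file name such as file.php or on a missing space after a full stop ("done.Thanks"), so it trades some false positives for catching links written without a protocol.
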
Jack_mcs (Author), posted January 27, 2019

A new version has been uploaded with these changes:

- Added option to block account creation based on the number of accounts and/or time accounts added.
- Added back some of the url checking removed in the last update to catch stragglers.
- Removed the PWA code in the create account page for pre-2.3 shops since it did not apply to this addon.

This version aims to prevent the account creation of many accounts by scripts. There are two ways it does that. First, you can set a count for how many accounts may be created. So if it is set to 2, each customer can only create 2 accounts. If your site has legitimate customers that need more accounts, then don't use this setting or set it higher. Second, the code records the IP of the account creator as well as the time the account was created. If another create account is attempted by that IP in the time entered in the settings, the account won't be created. Both of the above can be used together or alone.

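Added example, not from any poster in this thread and not the addon's code: a sketch of the two limits described above, a maximum number of accounts and a minimum time between accounts, both tracked per IP. The class, method and setting names are hypothetical, counting per IP is an assumption, and an in-memory array stands in for the database table.

```php
<?php
// Added example, not the addon's code. Class, method and setting names are
// hypothetical, and an in-memory array stands in for the database table.

final class AccountCreationGuard
{
    private $maxPerIp;        // 0 = no limit on accounts per IP
    private $minSeconds;      // 0 = no minimum gap between accounts
    private $createdAt = [];  // canonical IP => list of creation timestamps

    public function __construct(int $maxPerIp, int $minSeconds)
    {
        $this->maxPerIp = $maxPerIp;
        $this->minSeconds = $minSeconds;
    }

    /** Returns 'allow' and records the account, or a 'deny: ...' reason. */
    public function check(string $ip, int $now): string
    {
        // Canonical form, so two spellings of one IPv6 address share a record.
        $packed = filter_var($ip, FILTER_VALIDATE_IP) ? inet_pton($ip) : false;
        if ($packed === false) {
            return 'deny: invalid IP';
        }
        $key = inet_ntop($packed);
        $times = $this->createdAt[$key] ?? [];

        if ($this->maxPerIp > 0 && count($times) >= $this->maxPerIp) {
            return 'deny: account limit reached';
        }
        if ($this->minSeconds > 0 && $times && $now - end($times) < $this->minSeconds) {
            return 'deny: too soon after previous account';
        }
        $this->createdAt[$key][] = $now;
        return 'allow';
    }
}

// Constructed attempts: [IP, seconds since start]. Limit 2 accounts, 600 s gap.
$guard = new AccountCreationGuard(2, 600);
$attempts = [
    ['203.0.113.7', 0], ['203.0.113.7', 120], ['203.0.113.7', 900],
    ['203.0.113.7', 5000], ['2001:db8::1', 0], ['2001:0db8:0:0:0:0:0:1', 60],
    ['not-an-ip', 70],
];
foreach ($attempts as [$ip, $t]) {
    echo str_pad($ip, 24), str_pad((string) $t, 6), $guard->check($ip, $t), PHP_EOL;
}
```

The address passed to `check()` has to be the visitor's: behind a proxy such as Cloudflare, REMOTE_ADDR is the proxy, and the visitor address arrives in the CF-Connecting-IP header, which should be trusted only on requests that really come from the proxy.
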