Dave
I could not find a contact slider on your web site to test. can you provide a direct link?
Printable View
Dave
I could not find a contact slider on your web site to test. can you provide a direct link?
The contact us link in the menu, register form on the login page... all my form pages have it... I've not added any css for the IE bug yet... still looking at the problem.. If your not getting it to show, try changing your compatibility settings.Quote:
Originally Posted by OldNGrey
Latest news.
For those of you who never changed the default settings for the three hidden field names, the script-kiddies have apparently downloaded the mod and included the default in their bot.
Had one customer that started getting spam, discovered default settings, changed settings, spam instantly stopped.
Yap, which is why I tried to make it super simple to change them, may let the computer do it in the next version.... another thing I've been tracking bots on a slider. the bots select the default value which should never be used as the test value.Quote:
Originally Posted by dbltoe
I appreciate the efforts to help combat this problem and it worked a treat for awhile but just doesn't work any more. I guess they have fine tuned their attacks for every possibility. Since the slider can't be used in IE we can't turn that feature on but I imagine it wouldn't last long. If I've missing something please pm me.
Actually, the slider works with IE 10 and up! The javascript that displays the value does not due to MS idea of how HTML5 should be.. so to fix that you should use different wording like slide to the number 22 for IE does a alt tag on the slider foot displaying the current number its on... all this is editable in admin.Quote:
Originally Posted by athena
Don't use default field names, change them when you think bots have found there names.
Just keep changing the field names in admin? okay... will try that... thanks.
Unfortunately, 'but just doesn't work any more.' really doesn't tell me much and all I can do is play wack-a-mole at helping. I just ran 3 new hacks at my own site and still not getting past.. links lets me see how the code is used.Quote:
Originally Posted by athena
Same spam coming through even though default field names were changed. Your answer to just keep changing the field names for some reason had not occurred to me. I thought that despite the fact I had changed the default names they were discovering somehow what they were and getting past them. I deleted all the false customer registrations with 1st names beginning with http.... etc. and I have not seen any new come in since changing the field names once again.
Interesting... another wack at the mole... if you are getting html in input fields then you have an issue that passes the basic sanitation of a default install... adding a CAPTCHA would not help..Quote:
Originally Posted by athena