non-CAPTCHA and Honey-pots

[mariemeh]

I should also add that at this moment, if I try to join the newsletter, it doesn't work but the spammer are still able to get in. Not sure what it means.

[davewest]

http://myembroideryhaven.com
v156a, php 7.1.32
Column layout grid
Langage Currency Links in Headers
Edit_orders 4.3.5
Canada Post shipping module
Flexible footer Menu
Simplified Social Share
Ip blocker
Ultimate SEO Urls
Newsletter Subscribe
Reward Point Full Suite
Recover Sales Cart

1st question: would my version of php cause issues with this mod?

2nd question: Dave are you using a mod for newsletter?

I'm asking these questions because i'm having a hard time making the mod work on my site and I really need it to work on my website with a mod for newsletter only subscriber. I saw Dr Byte's post referring to adding older files that are no longer in zc, however, I saw a "newsletteronly" class on your tpl_subscribe_default.php and thought maybe it would work if I used the same newsletteronly mod. Right now when I go live with zenNon-Captcha, I get the not a human yet message when creating an account and emails don't get added to the list for the newsletter subscription.

1st question:) This mod is not php dependent and I have it running on ZC1.5.6b and php7.3.7
2nd question:) I started with the newsletter only mod but modified it. I don't use the slider on it, just the hidden fields..

If your template modified the header_php.php file by removing or changing the notifiers, then the checks would fail. You also have the slider saying 19, but the script is saying human! check your setting in admin that all says the same thing..

I should also add that at this moment, if I try to join the newsletter, it doesn't work but the spammer are still able to get in. Not sure what it means.

I just had a look at the existing mod, there is no usable notifiers in the header and not a match for what I'm using. I'll have to work on a fix.. which is why its not working for you.

[mariemeh]

1st question:) This mod is not php dependent and I have it running on ZC1.5.6b and php7.3.7
2nd question:) I started with the newsletter only mod but modified it. I don't use the slider on it, just the hidden fields..

If your template modified the header_php.php file by removing or changing the notifiers, then the checks would fail. You also have the slider saying 19, but the script is saying human! check your setting in admin that all says the same thing..


I just had a look at the existing mod, there is no usable notifiers in the header and not a match for what I'm using. I'll have to work on a fix.. which is why its not working for you.

would it help if I post a copy of my header file and if so, which one? and about the 19 and human thing, I purposely did it that way. I want to see how people react to it. I plan on trying different things and see what works best for my site. The majority of my customers are not comfortable with ordering online and such. So time will tell me which is the best thing to do.

And in the meantime, can I just revert to my old tpl_subscribe_default.php without it affecting the other pages?

[davewest]

would it help if I post a copy of my header file and if so, which one? and about the 19 and human thing, I purposely did it that way. I want to see how people react to it. I plan on trying different things and see what works best for my site. The majority of my customers are not comfortable with ordering online and such. So time will tell me which is the best thing to do.

And in the meantime, can I just revert to my old tpl_subscribe_default.php without it affecting the other pages?

I don't need the header...
19 vs human... its never correct and confusing to users... not good..
as not comfortable on ordering, when I check your login page I was hit with tracking and third party cookies, also no SSL installed!

changing back the subscribe page would not affect any others.

[mariemeh]

I don't need the header...
19 vs human... its never correct and confusing to users... not good..
as not comfortable on ordering, when I check your login page I was hit with tracking and third party cookies, also no SSL installed!

changing back the subscribe page would not affect any others.

tracking and third party cookies?? how can I see that? And the no ssl installed, I am confused and pretty much clueless. I thought it was all installed since the https was there.

[mariemeh]

ok found what you meant for the SSL and what I hadn't done properly and fixed it so thank you. and the 19 as well :)

so for now, no way for me to stop being spammed on the newsletter?

[davewest]

ok found what you meant for the SSL and what I hadn't done properly and fixed it so thank you. and the 19 as well :)

so for now, no way for me to stop being spammed on the newsletter?

Sorry, but you're losing me. Newsletter has only email input field so the stock ZC does a nice job filtering, which is why that field was not used. The code I use has a different header file for newsletter subscribers due to both subscribe and unsubscribe are within the same form, but it would not allow anything but email addresses too..

What type of spam are you getting?

[mariemeh]

Sorry, but you're losing me. Newsletter has only email input field so the stock ZC does a nice job filtering, which is why that field was not used. The code I use has a different header file for newsletter subscribers due to both subscribe and unsubscribe are within the same form, but it would not allow anything but email addresses too..

What type of spam are you getting?

fake email addresses... hundreds a week. Some are obvious but others look legit, others are legit but never wanted to join my website but their email addresses were used... I find out weeks and months later and sooner or later I get blacklisted with some providers and have to contact them. It's not the end of the world but it is time consuming.

if it is something I'm doing or not doing, well let me learn

[davewest]

fake email addresses... hundreds a week. Some are obvious but others look legit, others are legit but never wanted to join my website but their email addresses were used... I find out weeks and months later and sooner or later I get blacklisted with some providers and have to contact them. It's not the end of the world but it is time consuming.

if it is something I'm doing or not doing, well let me learn

I would say to use a regex string to force correct typing of email addresses, but that would only stop some, if they are truly using your form. The only good answer is to turn off non-account newsletter subscription service. Force them to use the create account system where you have more control with non-CAPTCHA.. Bots are programmable, but they have a hard time not filling in all the boxes..

Theirs no mods to verify email addresses as existing in ZC.. There are ways of doing this if you want to create the class.. basically using SMPT to get the MX records for the domain.. https://www.codexworld.com/verify-em...ts-domain-php/

The other methods I know of (text to verify) cost dollars to use..

You should ask on the newsletter subscription mod page, think they got reCAPTCHA to work...

[mariemeh]

I would say to use a regex string to force correct typing of email addresses, but that would only stop some, if they are truly using your form. The only good answer is to turn off non-account newsletter subscription service. Force them to use the create account system where you have more control with non-CAPTCHA.. Bots are programmable, but they have a hard time not filling in all the boxes..

Theirs no mods to verify email addresses as existing in ZC.. There are ways of doing this if you want to create the class.. basically using SMPT to get the MX records for the domain.. https://www.codexworld.com/verify-em...ts-domain-php/

The other methods I know of (text to verify) cost dollars to use..

You should ask on the newsletter subscription mod page, think they got reCAPTCHA to work...

Thanks I will go try that.