Blocking User

[mshultise]

I need to block a certain user from creating an account. I believe that since they add items to the cart and try to check out using credit card, that they are testing CVV numbers or expiration dates, etc. I posted in 'Hack' but got no suggestions.

Evil doers create the same account multiple times on each cart every month using the same 1st and last name, address, phone and so on. All that info is a U.S. address. The only difference is the email and what IP they come from, mostly from a non-U.S. IP and that is easy to block in the .htaccess file. However some of these sites have international customers.

Please post a code snippet and location where I can best check for this same account info and not create the account. Perhaps displaying a 'database corruption' or 'down for maintenance' message or some such so they go away.

I am hoping for a 'if first name = and last name - and zip = then display message and exit' type code. I think this may be in functions_customers, but could use some direction.

Thanks.

[swguy]

File: includes/modules/create_account.php

around line 75 (in 1.5.5f)

Code:

if ($postcode == "20500" && $firstname == "Vlad" && $lastname = "Putin") { 
      $error = true;
      $messageStack->add('create_account', "This account already exists.", 'error');
}

Giving them a fake error rather than exiting will keep them guessing. :)

Good luck!

[davewest]

You could block names, phone, but your list would most likely grow large and start blocking good users. Have you gone back to your raw access logs and try to match time/IP with the attempts? Tracking back to see what if anything is common in the user agent string. Most well use older versions of Firefox for it offer better interaction with spoofing addons...

It's a bit of work, but you could code in a email address opt-in basically locking access until they answer the opt-in email. I've done this, but without locking there account. Forcing opt-in has the affect of ticking off customers.

If you find a common user agent or email domain, there are some things you can try...

[mc12345678]

To add to swguy's suggestion, I would include some "space" clearing code to remove whitespace from the beginning and end of each of those entries.

For what it's worth, have seen similar account creations on another site. In some cases the accounts have shown more than one login occurrence, though the date between initial account creation and a later login had a lot of time between the two.

Such reoccurrence seems to identify some level of consistency in making the attempts as at least a password was consistently able to be entered (investigation did not go into verifying whether a change of password email was requested or other such means to regain access).

[mcpisik]

I'm hoping to block fake account creations, by blocking the Company Name field, if it equals 'google'
Every spam account created has google as the company for me.

Using 1.54 I'm not quite sure how to edit and where to add the suggested above in
includes/modules/create_account.php ?

[dbltoe]

Perhaps lat9's Access Blocker will do the trick for you.

[mcpisik]

Thanks for the idea.
I've installed it, but it's mostly for ip related blocking and no where to block by Company name or names in general.
If I could just block by Company name, I'd be sorted.

[dbltoe]

The beauty of open source. Make it your own.

[dianysmedia]

Thanks for the great idea!!

[swguy]

I have such a module that will be coming up in about a month. It's called JerkBlocker and it has tons of configurable options. :)