Using Westminster_new and getting large numbers of spam from the Contact Us Form Page. How can we avoid this ?
Using Westminster_new and getting large numbers of spam from the Contact Us Form Page. How can we avoid this ?
At last check, the contact_us page of that template used what is called the honeypot. Also the template did *not* include some sort of easy fill in dropdown page so the issues are all associated with the contact_us page and/or the traffic permitted to be onsite.
So there are a few methods that can be used that have minimal impact to your true and valid customers while weeding out the others.
The honeypot "phrase" could be modified.
A "start" and "stop" time can be detected/used.
The form could use a sort of resubmission after being filled out again with one or both of the above.
Then there are the "turing" type tests of asking a question to have the party do something that seems to require the effort of a human. Captcha's, "simple" questions (though may I suggest that if the question requires written words that enough information be given so that the visitor can use the appropriate language to give the response?!)
Just understand that there are those that will try regardless. The contact us page is likely there to make it easier for your real customers to get in touch with you. If that is the goal, try not to make it too difficult for them to actually do that otherwise perhaps it just shouldn't be there...
ZC Installation/Maintenance Support <- Site
Contribution for contributions welcome...
If your 3rd-party template does not support Zen Cart's built-in spam trapping honeypot, then you might try the "non-captcha" plugin:
https://www.zen-cart.com/downloads.php?do=file&id=2207
But if your template is just outdated and is missing the built-in stuff then best to update the template as a first step.
.
Zen Cart - putting the dream of business ownership within reach of anyone!
Donate to: DrByte directly or to the Zen Cart team as a whole
Remember: Any code suggestions you see here are merely suggestions. You assume full responsibility for your use of any such suggestions, including any impact ANY alterations you make to your site may have on your PCI compliance.
Furthermore, any advice you see here about PCI matters is merely an opinion, and should not be relied upon as "official". Official PCI information should be obtained from the PCI Security Council directly or from one of their authorized Assessors.
Bookmarks