Please give me some advice. How can I get rid of spam that creates fake customers? Every day 20-30 fake customers are created.
Thanks!
This is happening to me also. 3 different sites on 3 different servers. All started happening around the same time. Roughly a week ago. March 23rd ish.
Adding reCAPTCHA or non-CAPTCHA can help fix issues with bots... with non-bots or human spammers, a simple regex line can help. Regex can also limit or hinder good account creation too.
The standard create account line for first name on a ZC156a page is
Code:
<?php echo zen_draw_input_field('firstname', '', zen_set_field_length(TABLE_CUSTOMERS, 'customers_firstname', '40') . ' id="firstname" placeholder="' . ENTRY_FIRST_NAME_TEXT . '"' . ((int)ENTRY_FIRST_NAME_MIN_LENGTH > 0 ? ' required' : '')); ?>
adding this in red blocks some characters not normal to names and limits the length to 20 characters.
Code:
<?php echo zen_draw_input_field('firstname', '', zen_set_field_length(TABLE_CUSTOMERS, 'customers_firstname', '40') . ' id="firstname" pattern="^[^±!@£$%^&*_+§¡€#¢§¶•ªº«\\/<>?:;|=.,]{' . ENTRY_FIRST_NAME_MIN_LENGTH . ',20}$" placeholder="' . ENTRY_FIRST_NAME_TEXT . '"' . ((int)ENTRY_FIRST_NAME_MIN_LENGTH > 0 ? ' required' : '')); ?>
This only works on humans, bots will walk right by it...
I would also check the template or mods you may be using that they meet current ZC filters.
Dave
Always forward thinking... Lost my mind!
None other than wasting your time and resources... basically your mail server and database. If it's IP addresses to countries you don't serve you can do a whois search and get the IP range to block through your cPanel IP blocker. I use geektools dot com. Pointing to their entry page so you know who they are... look to the top right for the whois page. Assuming you have a tracking mod installed in ZC or you would have to use your raw access logs from your cPanel for IPs.
The spam I've seen are bots who found you to have open inputs without spam protection or using the default words. If they find an open submit, they will exploit it to the max inputs your system can handle. The default ZC filters will strip out HTML in basic name input fields, the fact that some fields have URLs in them is interesting, I would check your code to see why.
Dave
The harm is damage to your reputation. You are not the target of the attack . . . merely the tool. The account creation sends an email to the email address provided containing spam and links to potentially serious malware from your shop, domain and ip address. Potential result is blacklisting of your genuine emails by major email providers like gmail, yahoo, apple, etc.
Using Zen Cart 155e
Our website has been receiving the same fake account creations. I've blocked a range of IP addresses via our cPanel and have removed a number of countries from the database that we don't serve. I've also tried to track down the IP address to find a common denominator and blocked them. Given we are not the only targets or tools suggests bots are being used and for us they all seem to come from Ukraine/Russia. I'm no expert but this has been my observation. If only we could rename 'create_account' on a global scale - assuming these bots are trawling the web for create account files.
I've looked at the common factors in the emails we've received (9 since 28 March) from the fake accounts. In the From section these are:
http://project1226271.tilda.ws
http://project1206632.tilda.ws
Full examples (these are only 2 of the 9):
Dear Mr. Constance has left you 3 personal calls http://www.vejen-jagtforening.dk/ind...26271.tilda.ws
Dear Mr. Helena wants to see you in 12 hours http://www.theu.ro/click.php?url=htt...06632.tilda.ws
We're getting the same issue with URLs in the name field. I've also looked in the Customer table in our database using phpMyAdmin. I can see that for all our legit customers the email field is HTML whereas the fake accounts are TEXT. Not sure if this is relevant. We are using ZC 155e. I would have automatically assumed that ZC filters would scan the name fields and prevent certain characters from being used.
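The pattern attribute posted earlier in the thread is enforced only by the browser, so a bot that posts the form directly never sees it, and the later posts report links arriving in the name field. The following is an added example, not code from the thread or from Zen Cart, of the same check run on the server in plain PHP. The function name name_field_problems(), its default limits and the sample inputs are assumptions for illustration, and it needs the mbstring extension.

```php
<?php
// Added example, not Zen Cart's own code: the name check done on the server,
// where a bot that posts the form directly cannot skip it.
// name_field_problems() and its default limits are hypothetical.

function name_field_problems(string $name, int $minLen = 2, int $maxLen = 20): array
{
    // Invalid UTF-8 would make the /u regexes below fail, so reject it first.
    if (!mb_check_encoding($name, 'UTF-8')) {
        return ['invalid encoding'];
    }
    $problems = [];
    $name = trim($name);
    $len = mb_strlen($name, 'UTF-8');
    if ($len < $minLen || $len > $maxLen) {
        $problems[] = 'length';
    }
    // Same character blocklist as the pattern attribute quoted in the thread.
    if (preg_match('~[±!@£$%^&*_+§¡€#¢¶•ªº«/<>?:;|=.,]~u', $name) === 1) {
        $problems[] = 'forbidden character';
    }
    // Control characters (CR/LF included) have no place in a name that is
    // later copied into the welcome e-mail.
    if (preg_match('~\p{Cc}~u', $name) === 1) {
        $problems[] = 'control character';
    }
    // Separate reason for link-like text so it can be counted in logs.
    if (preg_match('~https?\s*:|www\.|[a-z0-9-]+\.[a-z]{2,}(/|\b)~iu', $name) === 1) {
        $problems[] = 'link';
    }
    return $problems;
}

// Constructed sample submissions (not taken from a real log).
$samples = [
    'Anne-Marie',
    "O'Brien",
    'Zoë',
    'X',
    'Helena wants to see you http://spam.example/click?u=1',
    "Bob\r\nBcc: victim@example.org",
];
foreach ($samples as $s) {
    $p = name_field_problems($s);
    echo json_encode($s, JSON_UNESCAPED_UNICODE | JSON_UNESCAPED_SLASHES),
         ' => ', $p ? 'REJECT: ' . implode(', ', $p) : 'ok', "\n";
}
```

Call a check like this where the submitted form is processed, before the customer row is written and before the welcome e-mail is sent; as noted in the thread, a blocklist this strict can also turn away some genuine names.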