OpenCart Community

Dear Master,

I get a lot of spam registrants on my website every day.
is there a way to stop this ?

add captcha to register page?

As described here, the built-in CAPTCHA has been broken by bots.

The Google one is a mission to set up and is horrible for users.

Luckily we built an invisible CAPTCHA that is so far 100% spam proof and requires no action from the user:
https://www.opencart.com/index.php?rout ... n_id=36312

Hello

Can somebody tell me what´s the benefit of create dozen of false customers every day in my site? I receive daily also false emails like HJYtfdsgtsadT. Why?
Regards

dracoteam wrote: ↑

Fri Dec 20, 2019 6:33 pm

Can somebody tell me what´s the benefit of create dozen of false customers every day in my site? I receive daily also false emails like HJYtfdsgtsadT. Why?

We've been trying to work this out, but so far we can't seem to think of their reason.

Perhaps it's Russian hackers after too much vodka?

Probably they're testing your checkout for any kind of security faults. Check your order list, display missing orders and see, if there're any from fake customers.

Thanks for your help.
No orders yet, just new customers and emails with no sense.
I hope they change vodka to orange juice soon

Well, I have a christmas gift for you, if you care, to keep off a whole range
of intruders for good. It's out of my .htaccess file, and it also locks out
a bunch of PROXY Users also. But better make sure, not to accidentally lock
out your 'legal' Site Visitors, or yourself...
Merry christmas !
Ernie

PS. I have it now removed again, it hopefully served it's purpose ...

Blocking anything ip related is futile.

Well, it's just one more step, to keep a Site from getting visited by unwanted Guests.
Like a Lock on a Door, it might not keep one, from breaking in through a Window.
Most unwanted visitors are no professional Hackers, and for them, it does it's Job well. In
combination with other htaccess filters, and that's all I need, to keep my sites alive and well,
and my access and error logs quite clean, for the past two decades at least ..

Ban by IP is a lock for which everybody in the world besides a few people has a key.

Most unwanted visitors are no professional Hackers, and for them, it does it's Job well.

Sure, I can block virtually every ip address and then claim that it keeps bad guys out.

Problem is that ip addresses change hands, whole ip blocks are sold and bought across countries daily, with the ip4 shortages those transactions are increasing rapidly, what is an ip of a bad person today is the ip of a good one tomorrow and visa versa.

How are you going to maintain that blind list of ranges?
You even block the university of california now and you probably don't know because blocking via htaccess gives no feedback as to who you are blocking.

if you must insist on blocking "the cheap, no professional Hackers/spammers", block requests over HTTP/1.0 protocol.
Professional hackers/spammer simply rent a server at amazon/microsoft/Rackspace/... cloud services for a few hours.

Well, my Sites are not that much of importance to real Hackers, so I don't have
to create a Fort Knox out of them. I just hate, to be bugged. It depends on the
situation, at first, I block single IPs, and if multiple Subnumbers are listed, entire
Blocks. It works great, and it does not slow down anything, contrary to some
other solutions. But as I said, it's just one of the options, to keep those out,
trying to make me feel bad, by looking for holes, publicly known in OC Installs.
And I also use a top notch Hoster, the probably most decisive Factor of them all.

well, htaccess always slows down.
If you want to block all known tor exit nodes (like you have many in your list) you are looking at approx. 1500 entries alone.
So you may have to ask yourself, how often am I visited by these ip's and what is the risk if they do vs. maintaining these lists and the slowdown they cause.

dracoteam wrote: ↑

Fri Dec 20, 2019 6:33 pm

Hello

Can somebody tell me what´s the benefit of create dozen of false customers every day in my site? I receive daily also false emails like HJYtfdsgtsadT. Why?
Regards

The following link on suggest, the reason is to to use your site and other sites to send lots registration emails to a victim, in the hope this will overwhelm them and distract them from some other malicious activity.
https://webmasters.stackexchange.com/a/115694

letxobnav wrote: ↑

Sun Dec 22, 2019 6:35 am

well, htaccess always slows down.
If you want to block all known tor exit nodes (like you have many in your list) you are looking at approx. 1500 entries alone.
So you may have to ask yourself, how often am I visited by these ip's and what is the risk if they do vs. maintaining these lists and the slowdown they cause.

letxobnav is correct, a ton of IP's in .htaccess and depending on your traffic might put huge strain on your server resources. If you wanted to block a ton of IP's, it might be better to block from a firewall level or even better offset those resources to a dedicated hardware firewall.

Well, I full agree on that, Professionals have/use other ways.
But I'm not talking about and to Online_Pro's here, but to those,
likely working on a near_to_zero Budget, and trying, to possibly
keep some Regions, Countries, whatever, largely off from accessing
a Shopsite, with most common and simple free tools.
---
My SITE ROOT .htaccess file contains ~1472 Lines, including ~690 IP Denials
and my SHOP .htaccess file contains ~247 Lines, all just valid for the Shop.
--
I made some tests, with and without the ROOT .HTACCESS File, it might slow
down performance from 99 % Mobile to sometimes 97%, but other Values are
more or less the same.
It also depends on the Server, to deliever, what one is expecting, and pays for.
Just like in real Life too ...
---
download/file.php?mode=view&id=38176

We are not talking about slowdown on a single page-speed test.

anyway, my methods to block contact spammers, I do not use Captcha for this as I also hate to click on traffic-lights, cars and shop-signs just to send a mail.
I do for registration as that is more formal anyway.

1) block http/1.0 requests ( I do this for all requests not just contact with a page stating to update their browser).
Most cheap spammers are not identified by ip but by using the cheap proxies.
2) block requests with no accept language header ( I do this for all requests not just contact except for known/accepted bots, just 404 them)
Virtually all browsers and virtually no bot (except some chinese) set this. If it is not set and it is not an accepted bot, you do not want it.
3) use a form id post/session variable to prevent post submission bypassing the contact form.
Just a simple random id set and check with the session.
4) enforce contact form enquiry field key-strokes, submit button is disabled until a minimum number of characters are typed (not pasted), makes human spam-farm's life miserable as their game is speed so they don't type but paste the entire enquiry and hit submit.
5) validate enquiry field on known spammer keywords like:
:// (no spam is complete without the odd hyperlink)
results
online
marketing
advertizing
advertising
blast
deal
opportunity
cashback
thousand
million
brand
click
unsubscribe
! (spammers love to use exclamation marks and I hate them anyway)

These keywords you would have to adjust to fit your line of business, i.e. what kind of keywords do spammers use which would rarely be used by your potential customers but :// and ! are a dead giveaway it's a spammer (or very annoying customer).

Hi
Since I purchased this extension, I have not had any spam whatsoever (except spam fritters for lunch) a top-quality module recommended very easy to install as well

https://www.opencart.com/index.php?rout ... n_id=36312

flog wrote: ↑

Mon Dec 23, 2019 5:11 pm

Since I purchased this extension, I have not had any spam whatsoever (except spam fritters for lunch) a top-quality module recommended very easy to install as well

https://www.opencart.com/index.php?rout ... n_id=36312

I'm very glad to hear it indeed