OpenCart Community

I have caoture enabled but still get the odd fake account getting through, this was only one or two every few days and i would just delete them, this weekend i have had over 30..is there something wrong ?

Loady wrote: ↑

Sun Jul 04, 2021 11:16 pm

I have caoture enabled but still get the odd fake account getting through, this was only one or two every few days and i would just delete them, this weekend i have had over 30..is there something wrong ?

OC version. Captcha has not been compromised. You simply need an extension from the Marketplace to use an up-to-date version of Captcha.

Is that a free extension?

Free / Paid Captcha has nothing to do with being compromised or not. Since you're asking if there are free extensions, then you are simply looking for a free extension.

You need this but it's not free: https://www.opencart.com/index.php?rout ... n_id=36312

You can try our SpamBot Buster (not a free extension though) which doesn't need a captcha at all. We haven't had fake account registrations or spambot messages for over a year now on our live sites.

I also got a lot of spam despite captcha, there is a bot that is good at cracking captchas.

Eventually I just hardcoded my own spam protection by adding a field in the contact page that asks a question that needs to be answered with the letters APA. So far no spam.
First I tried to have users answer the question "what is 4+5" but the bot had no problem cracking it. It needs to be something trickier.

Also, I removed the possibility of creating an account on the separate page. They have to create the account when they make an order.
I had some bot creating 300+ accounts, with my server sending out an email for each time, and then we got blacklisted by spam-assistants.
So I advice you to check your page of registered users, order by creation date, and see if there is a lot of spam accounts.

fredJ wrote: ↑

Wed Jul 07, 2021 6:15 pm

I also got a lot of spam despite captcha, there is a bot that is good at cracking captchas.

Agree, most captchas are pretty useless these days because spambots tend to overcome them too easily.

Yea getting alot of bots registering dummy accounts, i tried using both google catpcha and the default opencart one without any changes,

PhantomMenace wrote: ↑

Thu Jul 08, 2021 7:08 pm

Yea getting alot of bots registering dummy accounts, i tried using both google catpcha and the default opencart one without any changes,

You may then want to consider to find a CSRF protection form extension.

I've been using Google reCAPTCHA on OC 3.0.3.2 and never had any fake accounts ever since. If I remember right the extension exists by default and you can add it to all default forms, or using a (paid) Form Builder extension to your custom forms. You only need to register at Google to get both a site key and and a secret key, which you will enter on the extension page: Extensions > Captcha > Google reCAPTCHA

If the captcha does not function it could be due to some modification.
Have you tried turning off any modifications one by one to see if captcha then works?

Just noticed on my website that even tough i have the google re-captcha enabled and linked,

Im able to register accounts and send contact forms witout checking the checkbox?

When i use the basic opencart captcha it doesnt let me do that, it actually prompts to enter the catpcha,

PhantomMenace wrote: ↑

Tue Jul 13, 2021 8:22 pm

Just noticed on my website that even tough i have the google re-captcha enabled and linked,

Im able to register accounts and send contact forms witout checking the checkbox?

When i use the basic opencart captcha it doesnt let me do that, it actually prompts to enter the catpcha,

Known issue. Use one from the Marketplace instead of the core.

straightlight wrote: ↑

Tue Jul 13, 2021 9:09 pm

PhantomMenace wrote: ↑

Tue Jul 13, 2021 8:22 pm

Just noticed on my website that even tough i have the google re-captcha enabled and linked,

Im able to register accounts and send contact forms witout checking the checkbox?

When i use the basic opencart captcha it doesnt let me do that, it actually prompts to enter the catpcha,

Known issue. Use one from the Marketplace instead of the core.

Yea that fixed it thanks

PhantomMenace wrote: ↑

Tue Jul 13, 2021 11:13 pm

straightlight wrote: ↑

Tue Jul 13, 2021 9:09 pm

PhantomMenace wrote: ↑

Tue Jul 13, 2021 8:22 pm

Just noticed on my website that even tough i have the google re-captcha enabled and linked,

Im able to register accounts and send contact forms witout checking the checkbox?

When i use the basic opencart captcha it doesnt let me do that, it actually prompts to enter the catpcha,

Known issue. Use one from the Marketplace instead of the core.

Yea that fixed it thanks

Great. Now that the issue has been solved, please add: [SOLVED] at the beginning of the subject line on your first post.

well i am yet to filter through the suggestions given here. With thanks