Post by supak111 » Fri Dec 04, 2020 4:15 am

Hey everyone I keep getting one jack ss with a bot restoring on my website daily multiple times. I don't even understand why he is doing since he isn't adversing his website url nor anything else??

I am on 3.0.3.2, I have googles rechaptch on the registration page and I even added a simple math verification that he bypassed, this:
<legend>Human verification</legend>
<div class="input">
<label for="number" class="title">Number between 21-25</label>
<input name="number" id="number" required="required" pattern="^[2-2]?[2-4]$" title="Please answer the question to prove you are human">
</div>
Does anyone have any suggestions how to win against this a**hole?

There are only 2 things consistent with his bot, last name always ends in 2 capital letters, and he alwasy puts the phone number with 8 digits.

Email is always random, first name too, and IP address is very random

Is there maybe a way to change the registration page URL from: index.php?route=account/register to something else? Or disable registrations with an 8 digit phone number and allow anything else? Or not let registration with a last name ending in a capital letter?

What are you thoughts guys, what would be the best way to going about this?

Any input much much appreciated :)

~ OC 3.0.3.2 - OCmods only ~


Active Member

Posts

Joined
Fri Feb 13, 2015 12:09 pm

User avatar
Expert Member

Posts

Joined
Wed Dec 05, 2007 3:38 am


Post by fegdeed » Fri Dec 04, 2020 10:00 am

You can get JNeuhoff extension or try another catcha preferably Paul's invisible captcha...
You can also add another layer to force email verification after registration.

Active Member

Posts

Joined
Fri Sep 21, 2018 12:01 am

Post by supak111 » Fri Dec 04, 2020 10:06 am

Just installed CSRF Protection Form https://www.opencart.com/index.php?rout ... on_id=4773, I'll see if that helps.

~ OC 3.0.3.2 - OCmods only ~


Active Member

Posts

Joined
Fri Feb 13, 2015 12:09 pm

Post by paulfeakins » Fri Dec 04, 2020 8:18 pm

fegdeed wrote:
Fri Dec 04, 2020 10:00 am
You can get JNeuhoff extension or try another catcha preferably Paul's invisible captcha...
Thanks very much for the recommendation :)

This is our extension: https://www.opencart.com/index.php?rout ... n_id=36312

But if they are able to get past Google's ReCAPTCHA AND your own custom one I think you can be fairly certain this is a human not a bot and therefore ours won't prevent them either unfortunately.

Perhaps some custom code to block people with 2 capitals at the end is the way?

For quick, professional OpenCart support please email info@antropy.co.uk


User avatar
Guru Member

Posts

Joined
Mon Aug 22, 2011 11:01 pm
Location - Reigate, Surrey, United Kingdom
Who is online

Users browsing this forum: No registered users and 23 guests