Page 1 of 1

New customer restoration SPAM help with reCaptcha ON

Posted: Fri Dec 04, 2020 4:15 am
by supak111
Hey everyone I keep getting one jack ss with a bot restoring on my website daily multiple times. I don't even understand why he is doing since he isn't adversing his website url nor anything else??

I am on 3.0.3.2, I have googles rechaptch on the registration page and I even added a simple math verification that he bypassed, this:
<legend>Human verification</legend>
<div class="input">
<label for="number" class="title">Number between 21-25</label>
<input name="number" id="number" required="required" pattern="^[2-2]?[2-4]$" title="Please answer the question to prove you are human">
</div>
Does anyone have any suggestions how to win against this a**hole?

There are only 2 things consistent with his bot, last name always ends in 2 capital letters, and he alwasy puts the phone number with 8 digits.

Email is always random, first name too, and IP address is very random

Is there maybe a way to change the registration page URL from: index.php?route=account/register to something else? Or disable registrations with an 8 digit phone number and allow anything else? Or not let registration with a last name ending in a capital letter?

What are you thoughts guys, what would be the best way to going about this?

Any input much much appreciated :)

Re: New customer restoration SPAM help with reCaptcha ON

Posted: Fri Dec 04, 2020 6:29 am
by JNeuhoff
Our SpamBot Buster tool should be able to prevent fake registrations.

Re: New customer restoration SPAM help with reCaptcha ON

Posted: Fri Dec 04, 2020 10:00 am
by fegdeed
You can get JNeuhoff extension or try another catcha preferably Paul's invisible captcha...
You can also add another layer to force email verification after registration.

Re: New customer restoration SPAM help with reCaptcha ON

Posted: Fri Dec 04, 2020 10:06 am
by supak111
Just installed CSRF Protection Form https://www.opencart.com/index.php?rout ... on_id=4773, I'll see if that helps.

Re: New customer restoration SPAM help with reCaptcha ON

Posted: Fri Dec 04, 2020 8:18 pm
by paulfeakins
fegdeed wrote:
Fri Dec 04, 2020 10:00 am
You can get JNeuhoff extension or try another catcha preferably Paul's invisible captcha...
Thanks very much for the recommendation :)

This is our extension: https://www.opencart.com/index.php?rout ... n_id=36312

But if they are able to get past Google's ReCAPTCHA AND your own custom one I think you can be fairly certain this is a human not a bot and therefore ours won't prevent them either unfortunately.

Perhaps some custom code to block people with 2 capitals at the end is the way?