
Data Validation and reCaptcha still allowing SPAM through

tschoch , January 21 2019, 19:15
tschoch 15
January 21 2019, 19:15 #383110
We are on Joomla 3.9.1 and the latest Chrono v5. Our forms have both reCaptcha v2 as well as data validation set for email address field and phone number. We are seeing large amounts of SPAM coming through with bogus data which shouldn't be passing due to the reCaptcha and field validations.
healyhatman 7
January 21 2019, 23:22 #383115
reCaptcha and field validation only stop automated tools; they won't stop a person sitting there and filling in the forms. What does "large amount of spam" constitute? And you're sure the reCaptcha is set up properly - you've tried to submit it without ticking the box?
Web developer at SkySpider.com.au - I DO NOT work for ChronoEngine!
Donations: paypal.me/healyhatman
Professional Work: kamron@skyspider.com.au
Custom CF / CC Plugins and Extensions: skyspider.com.au/store
tschoch 15
January 21 2019, 23:29 #383119
I should mention we are very proficient with Chronoforms and are using it on countless number of sites with the Unlimited license. We are seeing about 3,000 form submissions so far today... I don't think someone is filling it out manually.
The form has been tested many times and the front end validations are working for humans...
healyhatman 7
January 21 2019, 23:30 #383120
Got a link?
tschoch 15
January 21 2019, 23:34 #383121
https://www.clevelandmanagement.com/
healyhatman 7
January 21 2019, 23:38 #383122
Can you send me or post here an example spam email, including the header?
webhand 5
February 04 2019, 19:53 #383578
I have the same problem. Website (https://www.huesy.ch) is running on Joomla 3.9.2, Chrono Forms V5.0.17, reCaptcha V2, PHP 7.2. The reCaptcha works well for humans.

SPAM mails arriving every five to ten minutes with the following content for example:
In the meantime, is there any idea?

Thank you very much
*********
Return-Path: <murachka94@inbox.ru>
Delivered-To: info@huesy.ch
Received: from srv1.tophost.ch
  by srv1.tophost.ch with LMTP id 6O7bEHdPWFxhMAEA/BOfDg
  for <info@huesy.ch>; Mon, 04 Feb 2019 15:43:03 +0100
Return-path: <murachka94@inbox.ru>
Envelope-to: info@huesy.ch
Delivery-date: Mon, 04 Feb 2019 15:43:03 +0100
Received: from huesy by srv1.tophost.ch with local (Exim 4.91)
  (envelope-from <murachka94@inbox.ru>)
  id 1gqfSh-000Kac-71
  for info@huesy.ch; Mon, 04 Feb 2019 15:43:03 +0100
To: info@huesy.ch
Subject: Anfrage vom Kontaktformular
X-PHP-Script: huesy.ch/index.php for 31.184.238.9
X-PHP-Filename: /home/huesy/public_html/index.php REMOTE_ADDR: 31.184.238.9
Date: Mon, 4 Feb 2019 14:43:03 +0000
From: MelissaPiose <murachka94@inbox.ru>
Reply-To: MelissaPiose <murachka94@inbox.ru>
Message-ID: <fafd96d686359696fd58b3cf84c9a0ab@huesy.ch>
X-Mailer: PHPMailer 5.2.26 (https://github.com/PHPMailer/PHPMailer)
MIME-Version: 1.0
Content-Type: multipart/alternative;
  boundary="b1_fafd96d686359696fd58b3cf84c9a0ab"
Content-Transfer-Encoding: 8bit

This is a multi-part message in MIME format.

--b1_fafd96d686359696fd58b3cf84c9a0ab
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit

Es ist eine neue Anfrage über das Kontaktformular von www.huesy.ch eingegangen:
MelissaPiose


85724521893
murachka94@inbox.ru
Привет. Погода холодная, самое время заводить новые знакомства к весне.
Не нужно штаны просиживать, давай с нами сюда --> http://meeting-club.online
Ja, ich bin mit der Datenverarbeitung einverstanden.


--b1_fafd96d686359696fd58b3cf84c9a0ab
Content-Type: text/html; charset=utf-8
Content-Transfer-Encoding: 8bit

<div style="font-family: Arial; font-size: 12px;">Es ist eine neue Anfrage über das Kontaktformular von www.huesy.ch eingegangen:<br /><br />
MelissaPiose<br />
<br />
<br />
85724521893<br />
murachka94@inbox.ru<br />
Привет. Погода холодная, самое время заводить новые знакомства к весне. <br />
Не нужно штаны просиживать, давай с нами сюда --> http://meeting-club.online<br />
Ja, ich bin mit der Datenverarbeitung einverstanden.<br />
</div>



--b1_fafd96d686359696fd58b3cf84c9a0ab--
Attachments: huesy-chronoforms-1.png (923.26 KiB), huesy-chronoforms-2.png (59.75 KiB)
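A header triage check for the message dump in the post above, as an added example that is not part of the original thread: it tests whether the mail was generated by the site's own PHP script and pulls out the submitting client IP. The function name `triage` is hypothetical, and the `X-PHP-Script` format ("script for client IP") is assumed from the one sample shown.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Headers trimmed from the message posted above (body omitted).
SAMPLE = """\
Return-Path: <murachka94@inbox.ru>
Delivered-To: info@huesy.ch
Received: from huesy by srv1.tophost.ch with local (Exim 4.91)
  (envelope-from <murachka94@inbox.ru>)
  id 1gqfSh-000Kac-71
  for info@huesy.ch; Mon, 04 Feb 2019 15:43:03 +0100
To: info@huesy.ch
Subject: Anfrage vom Kontaktformular
X-PHP-Script: huesy.ch/index.php for 31.184.238.9
From: MelissaPiose <murachka94@inbox.ru>
Reply-To: MelissaPiose <murachka94@inbox.ru>
X-Mailer: PHPMailer 5.2.26 (https://github.com/PHPMailer/PHPMailer)

(body omitted)
"""


def triage(raw, site_domain):
    """Summarise where a form notification mail really came from."""
    msg = message_from_string(raw)
    # Assumed shape, as in the sample: "<host/script> for <client IP>".
    m = re.match(r"(\S+) for ([0-9a-fA-F.:]+)", msg.get("X-PHP-Script", ""))
    script, client_ip = (m.group(1), m.group(2)) if m else (None, None)
    # A "with local" hop means a process on the server itself handed the
    # message to the MTA; it did not arrive over SMTP from outside.
    local = any(re.search(r"\bwith local\b", hop)
                for hop in msg.get_all("Received", []))
    # The From address is whatever the visitor typed into the form, so its
    # domain says nothing about which machine sent the mail.
    from_domain = parseaddr(msg.get("From", ""))[1].rpartition("@")[2].lower()
    return {
        "generated_by_site": bool(local and script
                                  and script.startswith(site_domain)),
        "script": script,
        "client_ip": client_ip,
        "from_domain": from_domain,
        "from_matches_site": from_domain == site_domain,
    }


if __name__ == "__main__":
    for key, value in triage(SAMPLE, "huesy.ch").items():
        print(f"{key}: {value}")
```

Run over a mailbox of these notifications, the `client_ip` values can be tallied and compared with the web server's access log for the form's POST requests.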
PhilippD 1
February 12 2019, 11:02 #383833
Hi @all!
We have the same issue on our website since January 2019. I looked into it and found out that Google Captcha is actually not blocking the spam!
I logged into my admin console on https://www.google.com/recaptcha/intro/v3.html and saw that on the days we received spam the Google captchas were right! I always log the IP address in the email form (just posting it in the email body) and got on form here on January 11 for example: https://www.stopforumspam.com/ipcheck/176.36.21.189
Can you check if it is the same for you? Then we have to contact Google about this...
Best Regards
Philipp
healyhatman 7
February 13 2019, 00:09 #383850
Well your one says it's FROM
murachka94@inbox.ru
Which suggests it wasn't sent by your site. Does the email you receive SAY it's coming from where you're expecting it to come from?
webhand 5
February 14 2019, 08:40 #383885
Thank you healyhatman! Maybe I don't quite understand your question.

The content in the e-mail also has parts of the form template. All e-mails come from .ru addresses. I'm sure they come in via the Chronoforms component. If I disable the form, then no SPAM emails come in.

The form sends a confirmation to the sender address. Because these .ru addresses don't work, every time an error message comes from the server. Therefore we always get two messages at the same time.

The form was created from the Chronoforms example template and slightly modified. I don't know what I could change.

Should I create a new form with Chronoforms 6? Will the problems with the latest version disappear?

Thank you for your help.

healyhatman 7
February 14 2019, 08:58 #383887
I don't know sorry, but updating to the current version can't hurt. I also sell a V3 plugin on my site if you want to use reCaptcha V3 frictionless.