Buy Now
Sign in

Bot sending empty forms

joachimliedtke , July 16 2019, 09:11
J
joachimliedtke 70
July 16 2019, 09:11 #388250
Bug or not? From time to time I receive empty mails sent from a form. The corresponding log looks like this
GET /pagename?chronoform=formname&event=submit HTTP/1.1" 200 12144 "-" "Mozilla/5.0 (compatible; SemrushBot/3~bl; +http://www.semrush.com/bot.html)
I am wondering why a GET triggers the action and how can I prevent this behaviour?
GreyHead 64
July 16 2019, 11:32 #388251
Hi Joachim,
Adding a Captcha plus Serverside validation should block these.
Bob
ChronoForms technical support
If you'd like to buy me a coffee or two, thank you very much
J
joachimliedtke 70
July 16 2019, 12:45 #388253
A captcha is there, several fields are required and the action Validate Fields is used. I guess I am misunderstanding how the validation really works, first thought was that marking a field as required would be enough.
On the validation tab for a field I can enter validation rules. What validation rule I do have to enter, when the field e.g. surname is not allowed to be empty? TIA
GreyHead 64
July 16 2019, 13:33 #388254
Hi Joachim,
The Captcha should block any spam emails if it is configured correctly. The Check Captcha action should be the first action in the On Submit event and be set to re-load the form (or redirect) if the Captcha fails.
Bob
ChronoForms technical support
If you'd like to buy me a coffee or two, thank you very much
healyhatman 8
July 16 2019, 23:47 #388263
Setting something required works on the front end for users that don't disable JavaScript. You still need server side checks. You also need to check the recaptcha has been done properly, with the check recaptcha action or using the automatic check.
Web developer at SkySpider.com.au - I DO NOT work for ChronoEngine!
Donations: paypal.me/healyhatman
Professional Work: kamron@skyspider.com.au
Custom CF / CC Plugins and Extensions: skyspider.com.au/store
admin 28
July 19 2019, 02:48 #388310
Try to access that url directly yourself, does it work ?
Max
If your main question got answered then please mark the answer using the button!
Please let us know if you have any problems with the new forums text editor, we appreciate your feedback!
J
joachimliedtke 70
July 19 2019, 06:22 #388318
You still need server side checks.
That is my problem. How? The latest manual differs from the current version and to be honest, I could not find out how to add server side check and how they have to look like.
You also need to check the recaptcha has been done properly, with the check recaptcha action or using the automatic check.
Automatic check is enabled.
Try to access that url directly yourself, does it work ?
What do you mean? If I directly access the URL with the aforementioned GET parameters an empty Mail will be sent. In the meantime until I figure out how to set up a proper form, I blocked the bots with a htaccess. Thanks for your assistance so far.
admin 28
July 19 2019, 10:54 #388325
If I directly access the URL with the aforementioned GET parameters an empty Mail will be sent.
This means something is wrong in your form, is this a v6 or v6.1 form ?
If its a v6.1 and you have the settings configured correctly and recaptcha enabled then this should not happen, can you remove sensitive data from your form then upload the form backup somewhere for checking the setup ?
Max
If your main question got answered then please mark the answer using the button!
Please let us know if you have any problems with the new forums text editor, we appreciate your feedback!
J
joachimliedtke 70
July 19 2019, 11:44 #388328
It should be v6.1, see the link for the backup. TIA
https://send.firefox.com/download/37d89064415e83ec/#WvPS11QQ45D6tBcDbI9ANQ
admin 28
July 27 2019, 05:57 #388438
i'm checking now and it says link expired, but if you have v6.1 form then do not use any "check" security actions on submit, just enable the settings for that in the form edit page.
Max
If your main question got answered then please mark the answer using the button!
Please let us know if you have any problems with the new forums text editor, we appreciate your feedback!
J
joachimliedtke 70
July 29 2019, 06:11 #388458
There is no extra check on the submit button and settings are enabled (I believe). Here again the link:
https://send.firefox.com/download/0f9d9fe181d4f669/#x2Rw5qOtp6Q099jlnxOyyQ
admin 28
August 04 2019, 04:38 #388629
Again it says the link has expired, under the form settings, does it have the "Check security fields" as enabled or not ?
Max
If your main question got answered then please mark the answer using the button!
Please let us know if you have any problems with the new forums text editor, we appreciate your feedback!
J
joachimliedtke 70
August 05 2019, 08:41 #388652
Yes, Check security fields is enabled.
admin 28
August 12 2019, 07:58 #388782
I'm not able to access the submit page directly under:
index.php?option=com_chronoforms6&cont=manager&chronoform=neuwiderruf-copy&event=submit
Is your form displayed inside an article ? if yes then do you use the v6 "content" or "system" plugin ? the content plugin has problems with caching
Max
If your main question got answered then please mark the answer using the button!
Please let us know if you have any problems with the new forums text editor, we appreciate your feedback!
J
joachimliedtke 70
August 12 2019, 08:05 #388785
The form is displayed inside an article.
{chronoforms6}neuwiderruf{/chronoforms6}
admin 28
August 12 2019, 08:15 #388787
And, do you have the v6 content plugin enabled under the joomla plugins manager ?
Max
If your main question got answered then please mark the answer using the button!
Please let us know if you have any problems with the new forums text editor, we appreciate your feedback!
J
joachimliedtke 70
August 12 2019, 08:22 #388790
Sorry, yes I have it enabled.
admin 28
August 12 2019, 08:25 #388792
please disable it and test the form again!
Max
If your main question got answered then please mark the answer using the button!
Please let us know if you have any problems with the new forums text editor, we appreciate your feedback!
J
joachimliedtke 70
August 12 2019, 08:36 #388795
 1
Disabled and it seems to work, because now the message is displayed, that the correct icon wasn't selected.
admin 28
August 12 2019, 08:37 #388796
Great! so problem solved ?
Max
If your main question got answered then please mark the answer using the button!
Please let us know if you have any problems with the new forums text editor, we appreciate your feedback!