Buy Now
Sign in

Spammers (?) submitting empty form repeatedly, without completing required fields

emills01 , July 30 2019, 18:06
E
emills01 89
July 30 2019, 18:06 #388527
I've got a new Chronoforms install that just went live yesterday. Since then I've been receiving numerous form submissions which are completely empty of content. They are not completing the fields - and I have numerous required fields.
I tested my form and was not able to send an empty submission bypassing CAPTCHA, and I was not allowed to enter spaces in the fields. So I'm not sure what is happening. If I had to guess I'd say they are spam attempts as they are coming in batches of 2-4 periodically, but again there is nothing in the fields. It's just totally blank. I do have a template and the output of the template is coming through; just without any of the fields completed.
I'm not sure how this is happening and with the testing I just mentioned I've exhausted any ideas I have. How are they able to do this and how do I make it stop?
GreyHead 64
July 31 2019, 07:35 #388540
Hi emills01,
Please make sure that you have serverside validation enabled - it is most likely that there is something scanning your site and checking all the URLs (it may even be a securoty feature on your host). Clientside validation relies on JavaScript being enabled and will not block this kind of 'submission'.
Bob
ChronoForms technical support
If you'd like to buy me a coffee or two, thank you very much
healyhatman 9
July 31 2019, 09:05 #388545
Make sure you're either using the "check security fields" option OR are using the check recaptcha action.
Web developer at SkySpider.com.au - I DO NOT work for ChronoEngine!
Donations: paypal.me/healyhatman
Professional Work: kamron@skyspider.com.au
Custom CF / CC Plugins and Extensions: skyspider.com.au/store
E
emills01 89
July 31 2019, 18:36 #388564
Please make sure that you have serverside validation enabled
I'm assuming this is "Validate Data" under Security under Setup...where does this go in the form? I can't find any instructions specific to Chrnonoforms 6 which I'm using, only 4 & 5.
Make sure you're either using the "check security fields" option OR are using the check recaptcha action.
I do have "Check Recaptcha" placed in Setup > Submit
healyhatman 9
July 31 2019, 21:35 #388565
And so you have an event load in the fail event?
Web developer at SkySpider.com.au - I DO NOT work for ChronoEngine!
Donations: paypal.me/healyhatman
Professional Work: kamron@skyspider.com.au
Custom CF / CC Plugins and Extensions: skyspider.com.au/store
E
emills01 89
August 01 2019, 14:53 #388578
And so you have an event load in the fail event?
I do not - just to make sure I'm perfectly clear, "Event Loader" under Basic should be placed inside Submit > Fail?
healyhatman 9
August 01 2019, 14:56 #388579
You need an event loader to go back to load in thefail event or it will continue executive
Web developer at SkySpider.com.au - I DO NOT work for ChronoEngine!
Donations: paypal.me/healyhatman
Professional Work: kamron@skyspider.com.au
Custom CF / CC Plugins and Extensions: skyspider.com.au/store
E
emills01 89
August 01 2019, 15:14 #388581
Is this correct? Is there anything else I'm missing?
healyhatman 9
August 01 2019, 21:47 #388587
Yes that will be correct
Web developer at SkySpider.com.au - I DO NOT work for ChronoEngine!
Donations: paypal.me/healyhatman
Professional Work: kamron@skyspider.com.au
Custom CF / CC Plugins and Extensions: skyspider.com.au/store
E
emills01 89
August 02 2019, 15:02 #388607
Please make sure that you have serverside validation enabled - it is most likely that there is something scanning your site and checking all the URLs (it may even be a securoty feature on your host). Clientside validation relies on JavaScript being enabled and will not block this kind of 'submission'.
Is this still necessary as well, and if so how do I implement it for CF 6 (Wordpress)?
healyhatman 9
August 02 2019, 21:25 #388613
Server side validation is always necessary
Web developer at SkySpider.com.au - I DO NOT work for ChronoEngine!
Donations: paypal.me/healyhatman
Professional Work: kamron@skyspider.com.au
Custom CF / CC Plugins and Extensions: skyspider.com.au/store
E
emills01 89
August 05 2019, 14:09 #388672
OK, great. Is there a guide for how to set this up specifically for CF 6 for Wordpress?
healyhatman 9
August 05 2019, 14:26 #388673
No you just need to use the validation actions in your submit event OR turn on the validation options on the first tab - "Enable server validations" and "Check security fields"
Web developer at SkySpider.com.au - I DO NOT work for ChronoEngine!
Donations: paypal.me/healyhatman
Professional Work: kamron@skyspider.com.au
Custom CF / CC Plugins and Extensions: skyspider.com.au/store
E
emills01 89
August 06 2019, 18:20 #388687
validation options on the first tab
I don't see this - could you clarify?
A
Alistair 116
December 06 2019, 17:33 #390255
Emills the "Validation Options" you can only see if you switch to New 6.1.
Although, in my case, it didn't solve the empty messages issue.
A
Alistair 116
April 02 2020, 08:53 #391879
The empty message ratio has now grown exponentially, around half of emails are received wih no text.