Buy Now
Sign in

Filtering out spam, beyond Re-captcha?

squiffed , December 04 2020, 17:41
S
squiffed 28
December 04 2020, 17:41 #395156
We use CF6 to implement a pretty simple RMA form for our customers - just collects some address and product info and on validate it sends an e-mail to us and stores data in DB. There is a re-captcha implemented but we still get a fair amount of spam coming thru and was wondering what else I could do. Two things that most spam posts feature are either an e-mail field that ends in '.ru' or a web-link in comments field. It seems that maybe with clever use of validation and regex or something else, I could get rid of these without alerting the user. Wondering if anyone else has implemented something like this so I don't reinvent the wheel. Note that I'm not a web design pro - just a self-taught type so pretty easy to go over my head.
thanks!
S
squiffed 28
December 04 2020, 22:52 #395158
 Answer
OK - I found a similar thread on not allowing submits from certain domains posted just a few days ago... so used php action to look for '.ru' and 'http' in some fields and then change the e-mail address where it gets sent if needed.
I can use that e-mail field as a basis for deleting a bunch of it out of the database periodically. Good enough for now.
J
jamesp100 44
June 06 2021, 10:28 #396621
Hi,
Can you post your solution here please as I have the same issue.
Thanks
James
S
squiffed 28
June 07 2021, 20:23 #396632
I can't get this to upload a screenshot, so will have to try verbiage:
On submit if Google Captcha test is passed, it sends e-mails to addresses the user has supplied and to 'GroupEmail@gmail.com'. Within the Google captcha I put the following PHP code. Typical spam either has a link in the textarea8 (testing for 'http') or is coming from .ru where we have no customers. So if it finds these, it sends to 'myOtherEmail@gmail.com' instead of to 'GroupEmail'. That way I can periodically review in case there's a valid submit, but the group doesn't get it. (So far thru 100's of spam submits, there has not been a valid one.) I can then use the 'myOtherEmail' to filter all this garbage out of the database if that's important to you. Code below:
if(strpos($this->data["tc_email"],".ru") !== false){
$this->data["rma_email"] = "myOtherEmail@gmail.com";
}
if(strpos($this->data["textarea8"],".ru") !== false){
$this->data["rma_email"] = "myOtherEmail@gmail.com";
}
if(strpos($this->data["textarea8"],"http") !== false){
$this->data["rma_email"] = "myOtherEmail@gmail.com";
}