Forums

I'm under spam attack from BTC enthusiasts.. So many each hour that I decided to remove form access completely, and I have captcha enabled and working.. 

I have read about serverside validation, and since I noticed all the spams come from the same IP I wondered if that could work for me, but I don't see this option, where do I put this html? Thanks. 

<?if ($_SERVER['REMOTE_ADDR'] == '94.102.xx.xx'){  return "You are not authorized to use this service!";}?>

I think I have followed those steps (see screenshot) but the spammers still go through.

I have temporarily set a rule in Outlook to put in the spam folder all incoming emails containing "194.85.210.53" in the body. 

not really, your event named should exactly match the returned value, which is "blocked", lowercase b

I wrote blocked with the lowercase but it doesn't seem to work, emails go through. In the meantime I added more IPs as they're already starting to change IPs:

if ($_SERVER['REMOTE_ADDR'] == '194.85.210.53,117.7.194.117,38.253.186.88,218.205.43.68,185.10.129.14'){return "blocked";}

Would it be possible to use instead a rule by setting "BTC" and "blockchain" as keywords in the message subject and body of the message? 

that code will not work, you need to check if the ip is in_array, another way to do this is using the Abort action only with a Run Conditions behavior:

list all your ips in the Value2 box

additionally, in the next update you will be able to do a "Contains" check:

Do you use the ReCaptcha ? are you sure it's setup correctly ? if it can not block spam then this is human spam, you may try the security question too

That is great, I'll wait for the next update then as the "contains" option it's just what I'm looking for.

Captcha is setup and working correctly, I have no idea how they can bypass it so easily, I don't feel is right to set up a further security like a question so that genuine users will have more hassle for the few spamming b@st.... Thanks! 

Sure, the new update is now ready for download v8.0.32