Forums

Dear all

I have tried Captcha, ReCaptcha, validated required fields as digits, email, number etc., also mirrored these constraints using Auto server side validation (did not forget to add Loop event), am currently using the security question feature, but if this doesn't work either, I'm afraid there's nothing I can do against automated spambots sending me erratic entries such as 'xcvagfh' in fields validated as 'digit' or 'number', not filling in other required fields, not ticking required tick boxes, squeezing ten nations into the required 'country' textbox and so on. The actions seem harmless, but are really getting on my nerves >:[

When having used standard Captcha, it had been working well with font support enabled... for about six weeks. Then once it started again, I couldn't think of anything else to stop SPAM.

...but maybe anyone else can? Any help would be most appreciated.

Thank you!
Chris

Hi Chris,

ServerSide validation (Auto or Custom) should block these. If it isn't working, please check that you have added an Event Loop action to the pink On Fail event of the ServerSide Validation action.

Bob

Hello Bob

I've already added the Event Loop (see first post), which is what prompted me to turn to the forum for help.

I've re-added an Auto Server Side valid. and have added eight fields that are supposed to be didits. Unfortunately, I can't make either of them a required field. The one that I did make a required field (as digit, total amount of a registration page) has not been validated as such in the field itself. Maybe that helps, too.

I just got two more spam entries last night, unfortunately. The pattern is identical: first I get a submission with no entries at all, and in the same minute a registration with 'hygcaytzbl'-type entries, even in the total amount text box, seemingly validated by AutoServSideV, including the Event Loop.

The Spam bot is cunning enough to identify a text box that is named 'country' and gives me a random (existing) country name. Last night they were USA and Spain. Boxes validated as e_mail simply feature e-mail addresses.

The security question also did not work.

I'm afraid I'm running out of options😟 I'll let you know if my latest tweaks have resulted in anything.

Thanks for your response and help!
Chris

Okay, I've added all these things mentioned above, including an Auto Server Side Validation in "On Submit" and with Event Loop in the On fail section. I've entered the field names that need to be digits, including one required one, which is 'Total'.

The following shows a typical spam response. Once again, it came in a combination with a totally empty submission as well ('DEFAULT SUBJECT').

Note that all fee fields should be digits, according to AutoServerSideVal AND the field parameters. The 'Total amount' section is the only required value. I currently have the security question in the end - to no avail, I'm afraid😟 What can I do?

Chris

Here's the spam content:

Billing code: EUR2013DY7211B
Date (m/d/y): 07/17/2013

These are the details they've sent us:

Team name: eocryzjrpo
Country: USA
Contact person: eocryzjrpo
Institution: gyixejxj
Billing address: ccclvtdippmtefcbuf, http://www.cphrshijii.com bghpchyfxf
Contact e-mail: [email]mhjbjlozbw@tyfqkk.com[/email]
Phone: gyixejxj

Debaters:

gyixejxj F gyixejxj
gyixejxj F gyixejxj
gyixejxj F gyixejxj
gyixejxj F gyixejxj
gyixejxj F gyixejxj
gyixejxj F gyixejxj
gyixejxj F gyixejxj

Judge(s):
gyixejxj F gyixejxj
gyixejxj F gyixejxj
gyixejxj F gyixejxj

Observer(s):
gyixejxj F gyixejxj
gyixejxj F gyixejxj
gyixejxj F gyixejxj

Dietary restrictions: ccclvtdippmtefcbuf, http://www.cphrshijii.com bghpchyfxf

Entry visa: Y

Other comments: ccclvtdippmtefcbuf, http://www.cphrshijii.com bghpchyfxf

Fees for teams requiring accommodation:

Standard fee (€180): gyixejxj
n+1 judges fee (€160): gyixejxj
n+2 judges fee (€140): gyixejxj
Extra nights (€25): gyixejxj
Observers (€300): gyixejxj

Fees for teams not requiring accommodation

Railpass only (€45): gyixejxj
Railpass only for host delegates (€25): gyixejxj
Local debater base fee, no railpass (€20): gyixejxj
Number on host school delegation: gyixejxj

Total amount: €gyixejxj

Extra nights date info: gyixejxj

Other comments: ccclvtdippmtefcbuf, http://www.cphrshijii.com bghpchyfxf

Hi CrystalFrontier,

Please take a Form Backup using the icon in the Forms Manager and post it here (as a zipped file) or PM or email it to me and I'll take a closer look.

Please also turn on the IP address on the Email (or check it in the database records if you are saving them). That sometimes gives a clue to the source of the spam - it sometimes comes from security scans on the site.

Bob

Hi CrystalFrontier,

I looked at your form and have moved the Check Security Question action and the AutoServerside Validation action up to the beginning of the ON Submit event. The actions are executed in order so these were being run after the DB Save and Email actions.

Bob

Ha,

I had a feeling it was something as trifle as that😛 Thank you very much for your time and committment! We'll see how it goes from there. I'll contact you again if something similar should occur again, but I guess it won't.

Thanks again!
Chris