All of a sudden starting a couple of days ago, I get 10-20 testimonial, category & product review submissions a day, however they're junk & unrelated to my site, & the visits aren't showing up in my stats. I have it set to approve first so keeping them under control isn't the issue. Why would this happen & how? They're not posting any links or any deflamatory comments so it doesn't make sense! It's all wiered, unrelated stuff like, “Excellent, good to know. Your post opened my eyes” - it's like they're spamming a forum or something but it's my review forms… very odd. I don't want to disable my reviews because then the legitimate ones already submitted wont show. & I think it's foreign, just because I am getting more than usual foreign hits to my site, but they're just only visiting 1-2 pages & not the ones that reviews are being submitted to, plus odd, non-english characters show up in the messages.
Any thoughts would be appreciated!
[quote name='Brennie369' timestamp='1310472456' post='117013']
All of a sudden starting a couple of days ago, I get 10-20 testimonial, category & product review submissions a day, however they're junk & unrelated to my site, & the visits aren't showing up in my stats. I have it set to approve first so keeping them under control isn't the issue. Why would this happen & how? They're not posting any links or any deflamatory comments so it doesn't make sense! It's all wiered, unrelated stuff like, “Excellent, good to know. Your post opened my eyes” - it's like they're spamming a forum or something but it's my review forms… very odd. I don't want to disable my reviews because then the legitimate ones already submitted wont show. & I think it's foreign, just because I am getting more than usual foreign hits to my site, but they're just only visiting 1-2 pages & not the ones that reviews are being submitted to, plus odd, non-english characters show up in the messages.
Any thoughts would be appreciated!
[/quote]
turn on image verification on the review pages
[quote name='JesseLeeStringer' timestamp='1310476704' post='117034']
turn on image verification on the review pages
[/quote]
At one point I got 10-20 fake customers signing up every day also. I don't know why - I don't even have reviews and testimonials turned on. When I enabled the image verification (captcha) the problem stopped.
Ever since I upgraded to 2.2.1 I started getting them… They are doing it through the Price Match addon I have. Never had any spam through this before the upgrade. The image verification is still active.
Image verification has already been enabled for all forms, but Do not use verification if user is logged in was checked so I unchecked it to see if that solves it. Hmm…
Once people find the link to post reviews, comments or other stuff to your site, they will use them to do so. That's why you need a manual check to ensure the captcha is in place and correct for the input so that the data never reaches your database.
I've been using CS-Cart for many years but I've only just started to have the same problem as reported above, I'm using version 4.3.9. I've suddenly started receiving 10 to 20 spam testimonials a day!
I have checked that captcha is in place and working correctly and I have set "Administrator must approve posts submitted by:" to "Any customer", so they are not appearing on our website, so I am in control of the situation.
However, I wondered whether anyone knows why these people are doing this?
Because it requires manual entry of the captcha, the traffic's never going to be sufficient to cause any DDOS type problems and they must have realised that their rubbish is not getting published.
So what are they trying to achieve?
Even if their rubbish was getting published, the vast majority of them don't contain any links!
So again, what do they achieve?
I also realized I had the same problem with a lot of .ru accounts and a lot of testimonials. I also have Captcha enabled, so maybe CS-Cart people should look at this and create a stronger captcha solution?
I also realized I had the same problem with a lot of .ru accounts and a lot of testimonials. I also have Captcha enabled, so maybe CS-Cart people should look at this and create a stronger captcha solution?
Do you have default captcha or by Google?
We face the same problem since early of this month.
We use version 4.3.8
We have default captcha
My site suddenly started getting hit like this about a week ago. I have CS-Cart default captcha turned on.
We are using the default captcha and aren't going to change this as we can control the problem.
However, my question is about why people are doing this?
What benefit are they getting from doing this?
We are using the default captcha and aren't going to change this as we can control the problem.
However, my question is about why people are doing this?
What benefit are they getting from doing this?
I know nothing about their benefit. But please note that you can complicate default captcha on the Settings -> Image verification page
I've been getting the same problem again. I disabled Comments and Reviews hoping that after a couple of days they'll stop, but then they started hitting my profile registration. They're using bogus emails, so I keep getting inundated with delivery failure emails for the user profile registration email they'd get when registering. This is also adding their bogus emails to my newsletter subscriber list because that's an option when creating a profile (I've removed that option from my site footer for the same spamming reason).
I tried checking that user accounts need to be approved first, which hasn't helped plus it would deter actual customers from completing orders so this is definitely not a permanent solution (if it worked). Making image verification more complicated isn't a deterrent either. I even closed my store for a few days but as soon as I reopened it, it started back up.
And since they are using bogus emails, I can't imagine the purpose? It appears to be happening from Russia.
eComLabs, what makes the Google reCaptcha different from the cart in making it more effective than the cs-cart version?
We installed recaptcha2 yesterday. Problem solved as of now. I think that solution is better as it only involves a click and not having to type in numbers/letters.
We installed recaptcha2 yesterday. Problem solved as of now. I think that solution is better as it only involves a click and not having to type in numbers/letters.
I would think one click would be easier to bypass than having to manually enter a string of characters.
I would think one click would be easier to bypass than having to manually enter a string of characters.
Google reCaptcha is more complicated for bots and easier for customers. Also there is an advanced reCAPTCHA with photos. By the way, this add-on is free, you can just install it and test. Here is the link to download.
Is it compatible with CS-Cart Ultimate 4.4.2?
Trying to download and it says zip folder is empty and I get an error when trying to extract it.