Captcha hacked?

Since yesterday I’m getting > 10 spam messages per day on my reviews, and pages → comments. Captcha is turned on but they come right through.



Any tips?

[quote name='Flow' timestamp='1321123583' post='125840']

Since yesterday I'm getting > 10 spam messages per day on my reviews, and pages → comments. Captcha is turned on but they come right through.



Any tips?

[/quote]



I guess registered users don't get a captcha, they probably are from registered users no? But I guess the registration form has a captcha.



Can't you change your captcha format from the admin to be a bit more complicated? I'm probably of not much help. Good luck.

Nope, messages are from unregistered users so the bots found a way to come through the captcha. I changed my image and settings now, let's hope this solves it.

Ok, so I changed the captcha (different background picture, etc) but am still getting spam messages… will ask cs-cart support about this.

Are they all coming from the same IP address? (You can check your logs to see.)



There is a setting so that a user only has to answer the captcha the first time during their visit: “Do not use verification after first valid answer”



Is it possible that they answered the captcha once and then started running the bot using the session that already was approved?
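The session-reuse question raised in the post above, as an added example that is not part of the original thread and is not CS-Cart code: a toy Python model of a session-based captcha gate. `CaptchaGate`, `skip_after_first_valid` and the session id are hypothetical names; the flag stands in for the "Do not use verification after first valid answer" setting.

```python
# Added example: toy model of session-based captcha gating (not CS-Cart code).
import secrets


class CaptchaGate:
    def __init__(self, skip_after_first_valid):
        # Hypothetical flag modelling "Do not use verification after first valid answer".
        self.skip_after_first_valid = skip_after_first_valid
        self.sessions = {}  # session id -> {"expected": str | None, "verified": bool}

    def new_challenge(self, sid):
        """Issue a fresh challenge; the expected answer is kept server-side."""
        state = self.sessions.setdefault(sid, {"expected": None, "verified": False})
        state["expected"] = secrets.token_hex(3)
        return state["expected"]  # stands in for the text rendered in the image

    def submit(self, sid, answer=None):
        """Return True if a comment post from this session is accepted."""
        state = self.sessions.get(sid)
        if state is None:
            return False
        if self.skip_after_first_valid and state["verified"]:
            return True  # session already approved: no captcha is asked again
        # Consume the challenge so one answer can never be replayed.
        expected, state["expected"] = state["expected"], None
        if expected is None or answer is None:
            return False
        if secrets.compare_digest(answer, expected):
            state["verified"] = True
            return True
        return False


def accepted_posts(skip_after_first_valid, attempts=20):
    """Solve one challenge, then send `attempts` posts with no captcha answer."""
    gate = CaptchaGate(skip_after_first_valid)
    sid = "constructed-session-id"  # constructed sample value
    answer = gate.new_challenge(sid)
    accepted = int(gate.submit(sid, answer))
    accepted += sum(gate.submit(sid) for _ in range(attempts))
    return accepted


if __name__ == "__main__":
    print("setting checked:  ", accepted_posts(True), "posts accepted")
    print("setting unchecked:", accepted_posts(False), "posts accepted")
```

With the setting checked, one solved captcha covers every later post in that session; unchecked, each post needs its own fresh answer.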

No, they seem to come from various IP's.

Hi Flow,



Maybe it could be from a service like this http://decaptcher.com/client/

I have not looked much into it but I think these services bypass CAPTCHA.



Regards Chris

I started having this problem too. They are coming from different IP addresses. Any ideas?

I don't know what exactly solved this with me, but:



I made the captcha a bit more difficult.

Changed the background image.

I unchecked: Do not use verification after first valid answer



You can do this at settings - image verification

They just started hitting my site now… alterations to the Image settings haven't thwarted them… Their IP's appear to be all over. None of them are creating accounts.

I've started getting lots of these in the last few days. What's worse is that CS-Cart is approving at least half of them, so they are actually showing up on my site. Any further help on how to stop this and how to force all comments to be automatically disapproved would be much appreciated.

I also encountered this problem. I suspect that not being CAPTCHA.

messages come through feedback bypassing check e-mail. e-mail instead of a chaotic set of letters.

apparently it is possible to circumvent the protection of the store.

Hitting me too. I made some modifications to the Image Verification settings as Flow suggested but the spam messages keep coming. Any other suggestions?

We started getting this a couple of days ago. I changed some of the settings and they have stopped. I ended up making it 7 characters and made it black and white.

We noticed a bunch of spam logins on our sites as well starting on the 2nd of January. Somehow they seem to pass the captcha, even after modification and are able to create bogus accounts… oddly enough with text in the phone field. I wonder if cscart will integrate reCAPTCHA service as a secondary choice in captcha?

[quote name='carterj' timestamp='1326037549' post='129029']

We noticed a bunch of spam logins on our sites as well starting on the 2nd of January. Somehow they seem to pass the captcha, even after modification and are able to create bogus accounts… oddly enough with text in the phone field. I wonder if cscart will integrate reCAPTCHA service as a secondary choice in captcha?

[/quote]



Same thing here. It all was done on Jan 2nd from different ip addresses. If this continues then we may just have to disable it. There were about 20 posts.

I also have this same problem … It started maybe a few months ago. I increased the difficulty of the word image, added a darker grid, etc. which I thought helped. However, out of the blue yesterday these bots started up again posting in my reviews.



Just nonsense stuff being posted like:



This is a notification of a new post to Product: JAMMA PLUS (JB-2) Fingerboard Adapter



Name: Froylan

Rating: Excellent!

Message:

I can post a diagram on the page if you like.Its a 2 stage prsoecs once the pad is dismantled. There are 9 pins in the console joypad port, 9 points along the top of the pad, and 9 wires between. Just solder a shorter wire between 1 to 1, 2 to 2, 3 to 3 etc This also includes the ground wire.When that’s done just connect the pad buttons to the jamma edge. The pad is already grounded so just solder a line on to the signal side of the button pad . I think I attached the wire to the risistors in the photo.Hope that helps, I’ll try to made a diagram later.



So far since last night I deleted about 15 posts… unless they are trying to crash out my server I do not know why they would even bother. Unless this is a CS-Cart related issue that someone knows how to get around and they enjoy the mischief on cs-cart store. :(

I get this too occasionally. I'm pretty sure they are not fooling the captcha but go around it though. It usually happens in the ask-a-question about product tab (an add-on)

When I get this (maybe once every two months) I turn off that add-on for a night or so, then back on and that seems to work. Even though it's far from ideal.

In total since it started on Friday I probably had about 30 fake review postings… It seemed to last for about 24 hours then just stops.



No real damage done and I do not store credit card #'s online … unless someone might be after the e-mail/customer lists.

We've been hit hard…