I assure you that I in no way condone this software, but I do want webmasters aware that there are very advanced malicious tools that can be used against CS-Cart and CS-Cart unfortunately has almost no protection.For us this is a major problem which makes it difficult to use CS-Cart. I have opened several threads on related topics. We have just turned all commenting and reviews off because we cannot protect our sites against it.
It looks like you are promoting this software. Possibly the next step will be a referral link? xD
As you can see, we talk here not about spam or ways to bypass a captcha. We are speaking about malicious load and that some robots who scan the internet can make your website unavailable.
I posted a link above that shows how to block 1200 such bots through htaccess.
We are experiencing a high load from several types of bots:
1. unwanted crawler bots
2. content scrapers
3. spam bots
4. vulnerability scanner bots.
Spam bots and vulnerability scanners often cloak the user agent. Scanners actively search for cs-cart installations.
I posted a thread about an SQL injection method that I found after such bots used it. I found it in my logs. CS-Cart staff is aware of it.
Crawler bots are especially causing issues with crawling features and filters and thereby causing millions of cache files. Our hosting costs have skyrocketed because of it. Its also reducing our site speed significantly.
Also, I'd like to note that there is
invisible ReCaptcha v3 and also custom ways like honeypots, you know. But this is a different story not for this forum topic.
Actually ReCaptcha and honeypots can be used to stop malicious bots from crawling the site. Its not just for registering an account.
But there is no functionality for this.
Could you be so kind to let me know of any honeypot functionality for cs-cart?
It would be nice if CS-Cart would have bad bot protection similar to:
https://bad-behavior.ioerror.us/(stops bots by analysis & fingerprinting)
https://wordpress.org/plugins/stopbadbots/
https://swissuplabs.com/magento-bot-protection.html
https://www.extendware.com/magento-bot-blocker.html
https://wordpress.org/plugins/project-honey-pot-spam-trap/
As you see many such applications are not just for spam bots but for all kinds of bots.