TOPIC:

Bots submitting forms - No entry in DB, record is being created, email recv'd 1 month 5 days ago #277010

  • Topic Author
  • mmjtech
  • Offline
  • Fresh Breezer
  • Fresh Breezer
  • Posts: 9
  • Thanks: 0
Hi. I'm using your solution to reduce spam by adding hidden fields and adding the custom code to the Begin Submit section. It's generally working quite well. However, we've recently seen a spike from bots on several sites where our client is getting the bot submissions from forms and there is nothing visible in database, yet a record is being created. This morning there were 365 records created that are inaccessible but clearly have been assigned a recordID.

Any idea why this is happening and how we can stop it?

Thanks,

Brent

Please Log in or Create an account to join the conversation.

Bots submitting forms - No entry in DB, record is being created, email recv'd 1 month 5 days ago #277012

  • Mirec's Avatar
  • Mirec
  • Offline
  • Ultimate Breezer
  • Ultimate Breezer
  • Posts: 3158
  • Karma: 2
  • Thanks: 153
Hi,

some times it is a little hard to prevent spammers with 100%

If you know the IP address of the spammers or we can prevent the spammers on the server side.

or

1) add validation for each field

2) protect the site with:
www.vi-solutions.de/en/joomla-plugin-plgspambotcheck

3) integrate:
www.projecthoneypot.org/

Let me know if you want to try one of the offered solutions, then I will show you how to do it

If you have more questions, feel free to ask!


regards,
Mirko

Please Log in or Create an account to join the conversation.

Bots submitting forms - No entry in DB, record is being created, email recv'd 1 month 5 days ago #277014

  • Topic Author
  • mmjtech
  • Offline
  • Fresh Breezer
  • Fresh Breezer
  • Posts: 9
  • Thanks: 0
Hi.

Thanks for the prompt reply. Most of the fields on the form are already required which makes this issue even more puzzling. That, coupled with the fact that I'm using hidden form fields as a honeypot makes it even odder. It's seems like they're able to bypass something in the submission process and emails are getting sent even so...

And I don't understand how the submissions are even getting sent given that required fields are blank, and the emails are being received with record IDs are being assigned in the BF DB yet they are inaccessible and don't even show up. How is that even possible?

I've blocked the IP address, but it's likely being spoofed or they'll just use another one come tomorrow.

Thanks,

Brent

Please Log in or Create an account to join the conversation.

Bots submitting forms - No entry in DB, record is being created, email recv'd 1 month 5 days ago #277016

  • Mirec's Avatar
  • Mirec
  • Offline
  • Ultimate Breezer
  • Ultimate Breezer
  • Posts: 3158
  • Karma: 2
  • Thanks: 153
Hi,


And I don't understand how the submissions are even getting sent given that required fields are blank, and the emails are being received with record IDs are being assigned in the BF DB yet they are inaccessible and don't even show up. How is that even possible?


we can add in the server-side script, so if the elements are blank, do not save data, do exit, if you want.



I've blocked the IP address, but it's likely being spoofed or they'll just use another one come tomorrow.


I know, but we can prevent more Ip addresses.

Let me know!

Regards,
Mirko

Please Log in or Create an account to join the conversation.

Bots submitting forms - No entry in DB, record is being created, email recv'd 1 month 5 days ago #277017

  • Topic Author
  • mmjtech
  • Offline
  • Fresh Breezer
  • Fresh Breezer
  • Posts: 9
  • Thanks: 0
Hi.

Thanks again for the quick reply. Can you supply the server-side script? We operate our own servers and I'm sure our tech department would want to add that themselves.

Thanks,

Brent

Please Log in or Create an account to join the conversation.

Last edit: Post by mmjtech.

Bots submitting forms - No entry in DB, record is being created, email recv'd 1 month 4 days ago #277024

  • Mirec's Avatar
  • Mirec
  • Offline
  • Ultimate Breezer
  • Ultimate Breezer
  • Posts: 3158
  • Karma: 2
  • Thanks: 153
Please GO FORM->ADVANCED->MORE OPTIONS->SUBMIT PIECES->BEGIN SUBMIT click on the custom and in the code box add this below code :
$this->execPieceByName('ff_InitLib');

$noSpam = "/(http|www|<|>|.ru|href|https)/";
$element=ff_getSubmit('a');
$element1=ff_getSubmit('b');
$checkFields = array($element,$element1);
foreach ($checkFields as $Fld){
if( preg_match($noSpam, $Fld)){
echo 'wrong';
exit();
}
}

in the variable 'no spam' you can insert a specific word to prevent it.

$element=ff_getSubmit('a');
$element1=ff_getSubmit('b'); -> Instead 'a' and 'b' insert the name of the elements.

This code below checks whether the element is empty, if the element is empty, data arent will not save in the database.
$this->execPieceByName('ff_InitLib');
$value1 = ff_getSubmit('a');

if( $value1 == ''){
echo 'Wrong';
exit();
}

If you have more questions, feel free to ask!

Regards,
Mirko

Please Log in or Create an account to join the conversation.

  • Page:
  • 1
  • 2
Time to create page: 0.050 seconds

BreezingForms Pro 1.4.7 for WordPress Released!

Available in the membership section.

September Discount!

Massive discounts on all subscriptions!

Get Your Subscription Here

Quick Links

Downloads

BreezingForms

ContentBuilder

BreezingCommerce

Templates

Documentation

BreezingForms

ContentBuilder

BreezingCommerce

Apprendre BreezingForms (French Community)

Apprendre et maîtriser BreezingForms par des tutoriels et exemples, le tout en français

breezingforms.eddy-vh.com

Questions et réponses sur les forums de l'AFUJ

AFUJ

Special Offer

Summer Sale! All subscriptions at a special price!

Includes prio support, all of our current and future Joomla!® extensions and Joomla!® templates for the duration of your membership.

Get it from here

3rd Party Discount - 25% Off

We help you to keep your costs under control. If you are a new member and purchased a form building tool from a different form vendor, then you'll get a 25% discount on our subscription plans.

How to receive the discount:

Send us a quick email to sales@crosstec.org with a proof of purchase (for example a paypal receipt), await payment instructions and enjoy your membership!