Replies: 1 comment
-
With so many CRMs and other ways to receive contacts I would advise just completely disabling this functionality (e.g. deactivate the entire Mage_Contacts module) and replacing it with an embeddable contact form from your CRM of choice. While it's nice to have this bundled in, spam/abuse prevention is a PITA and a moving target, so better to just delegate to a third party that specializes rather than build it into an open-source shopping cart. I didn't see a question in your post but that's just my opinion. :)
-
These days I faced an unprecedented attack on Contact form on a server I'm managing. Although I use HoneySpam, bots have managed to bypass both the extension and the hideit hidden field and have behaved like a human factor. In general, these bots access the form in a burst 5 times and thus the store administrator receives 5 messages on various topics. In the last week up to 600 messages were received in one day.
The analysis of the web server access log shows the following sequence for such a bot:
Those numbers "200 79017" are found in all rows. I had to use Fail2Ban and today it is completely quiet and almost 280 IP addresses have been captured. It is obvious that Magento has a hole which allows accessing the controller directly and causes messages to be sent in a burst. There are older reports in the OpenMage project and also open PRs, but the problem remains.
PS - HoneySpam does its job on the newsletter subscription form. The failure rate is around 1%, given that Fail2Ban can be used here as well if the number of hits is very high. On this server the subscription attempts were around 60 per day. I found that the banning time must be long. What I banned for 1 month came back, so I set it for a year.
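The burst pattern described in the post above (one IP POSTing the contact controller several times within seconds) is what a Fail2Ban filter keys on. The script below is an added example, not code from the poster or from OpenMage: it parses combined-format access-log lines and flags source IPs that submit the contact form more than a threshold number of times inside a sliding window. It assumes the Magento 1 / OpenMage contact endpoint is `/contacts/index/post/`, and the log lines it runs over are constructed for the example.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Assumed path of the Magento 1 / OpenMage contact-form controller (Mage_Contacts postAction).
CONTACT_POST_PATH = "/contacts/index/post/"

# Constructed sample access-log lines (combined log format), not from the original post:
# 203.0.113.7 hits the controller five times in a burst, 198.51.100.4 loads the form and submits once.
SAMPLE_LOG = """\
198.51.100.4 - - [10/Mar/2024:08:14:50 +0000] "GET /contacts/ HTTP/1.1" 200 18342 "-" "Mozilla/5.0"
203.0.113.7 - - [10/Mar/2024:08:15:01 +0000] "POST /contacts/index/post/ HTTP/1.1" 200 79017 "-" "Mozilla/5.0"
203.0.113.7 - - [10/Mar/2024:08:15:02 +0000] "POST /contacts/index/post/ HTTP/1.1" 200 79017 "-" "Mozilla/5.0"
198.51.100.4 - - [10/Mar/2024:08:15:03 +0000] "POST /contacts/index/post/ HTTP/1.1" 200 79017 "-" "Mozilla/5.0"
203.0.113.7 - - [10/Mar/2024:08:15:03 +0000] "POST /contacts/index/post/ HTTP/1.1" 200 79017 "-" "Mozilla/5.0"
203.0.113.7 - - [10/Mar/2024:08:15:04 +0000] "POST /contacts/index/post/ HTTP/1.1" 200 79017 "-" "Mozilla/5.0"
203.0.113.7 - - [10/Mar/2024:08:15:05 +0000] "POST /contacts/index/post/ HTTP/1.1" 200 79017 "-" "Mozilla/5.0"
"""

LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" \d{3} \S+'
)

def parse_line(line):
    """Return (ip, timestamp, method, path), or None for a line that does not parse."""
    m = LOG_RE.match(line)
    if not m:
        return None
    ts = datetime.strptime(m.group("ts"), "%d/%b/%Y:%H:%M:%S %z")
    return m.group("ip"), ts, m.group("method"), m.group("path")

def find_burst_sources(lines, max_posts=3, window=timedelta(seconds=60)):
    """Return the sorted IPs that POST the contact controller more than max_posts
    times inside any sliding window of `window` (the burst a Fail2Ban jail would ban)."""
    recent = defaultdict(deque)  # ip -> timestamps of its recent contact POSTs
    flagged = set()
    for line in lines:
        parsed = parse_line(line)
        if parsed is None:
            continue
        ip, ts, method, path = parsed
        if method != "POST" or path != CONTACT_POST_PATH:
            continue  # only the form-submission endpoint is rate-checked
        hits = recent[ip]
        hits.append(ts)
        while hits and ts - hits[0] > window:  # expire hits older than the window
            hits.popleft()
        if len(hits) > max_posts:
            flagged.add(ip)
    return sorted(flagged)
```

Tune `max_posts` and `window` to the store's real traffic before turning the same rule into a Fail2Ban filter; the GET of the form page is deliberately ignored so that a legitimate visitor who submits once is never flagged.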