Somehow my Captcha was hacked and I started receiving spam

[the.rampage.rado]

Somehos my contact form using Captcha was hacked and some russian dude started spamming me.

Any suggestions on how to tackle this?

No spam until today, migrated to TB one week ago from PS - no issues there.

[datakick]

what captcha module are you using?

[the.rampage.rado]

The official. The spam continues. It's 40minutes- 1 hour apart. Strange.

[the.rampage.rado]

The spam is increasing. Somehow they get around the captcha because now it's every 10 minutes. I've increased the the settings to maximum checks @ google captcha page but I doubt this will help. Very strange

[datakick]

what's your website? I can't see any captcha at https://www.rampagesport.eu/

[the.rampage.rado]

You have PM

[datakick]

Well, on front end everything looks ok. So the issue is probably with override. Please check that there is override installed for ContactController. Also, make sure that both "Disable non thirty bees modules" and "Disable all overrides" are set to NO.

[the.rampage.rado]

<?php class ContactController extends ContactControllerCore { /* * module: nocaptcharecaptcha * date: 2018-07-06 22:39:10 * version: 1.0.2 */ public function postProcess() { if (version_compare(_PS_VERSION_, '1.7.0.0', '>=')) { return; } if (!Module::isEnabled('NoCaptchaRecaptcha') || !@filemtime(_PS_MODULE_DIR_.'nocaptcharecaptcha/nocaptcharecaptcha.php') ) { return parent::postProcess(); } require_once _PS_MODULE_DIR_.'nocaptcharecaptcha/nocaptcharecaptcha.php'; $recaptcha = new NoCaptchaRecaptcha(); if (Tools::isSubmit('submitMessage') && $recaptcha->needsCaptcha('contact', trim(Tools::getValue('from')))) { $recaptchalib = new NoCaptchaRecaptchaModule\RecaptchaLib(Configuration::get('NCRC_PRIVATE_KEY')); $resp = $recaptchalib->verifyResponse(Tools::getRemoteAddr(), Tools::getValue('g-recaptcha-response')); if ($resp == null || !($resp->success)) { if ($resp->error_codes[0] === 'invalid-input-secret') { $this->errors[] = Tools::displayError( Translate::getModuleTranslation( 'NoCaptchaRecaptcha', 'The reCAPTCHA secret key is invalid. Please contact the site administrator.', 'configure' ) ); } elseif ($resp->error_codes[0] === 'google-no-contact') { if (!Configuration::get('NCRC_GOOGLEIGNORE')) { $this->errors[] = Tools::displayError( Translate::getModuleTranslation( 'NoCaptchaRecaptcha', 'Unable to connect to Google in order to verify the captcha. Please check your server settings or contact your hosting provider.', 'configure' ) ); } } else { $this->errors[] = Tools::displayError( Translate::getModuleTranslation( 'NoCaptchaRecaptcha', 'Your captcha was wrong. Please try again.', 'configure' ) ); } $this->context->smarty->assign('authentification_error', $this->errors); return; } } return parent::postProcess(); } }

This is in my override for ContactController. Obviously part of the module.

[datakick]

That's weird. I'd really need access to your server to investigate further. At this point, it can be

1) the override code is not triggered (overrides are disabled, or maybe class_index.php is corrupted). You could check this by editing override file, and add some die('override is triggered') somewhere at the beginning of postProcess function.

2) the google captcha has been broken. That's not very likely. If this is the case, there's not much you can do until google fixes it

3) this is not an automated spam, but someone is posting the comments manually. Again, not very likely, but who knows

1. I can't think of anything else