AndyC Posted December 29, 2019 Posted December 29, 2019 Hey all On Friday evening I started to get emails from this specific address @qq.com every email starts off with a different number so ex is [email protected] with loads of Chinese writing.I eventually turned it off after receiving around 2000 at around 11pm last night. Turned it back on now and they are still coming in thick and fast 塨禧您已被抽为特约用戸↓载APP直接升至ViP4! That's just 1 line ...Anyway how can I go about blocking these
DRMasterChief Posted December 29, 2019 Posted December 29, 2019 Did they send from contact form or ?! Maybe this helps:
AndyC Posted December 29, 2019 Author Posted December 29, 2019 Yeah I have badbot installed and have a captcha installed as well. They must some how be getting around it
yaniv14 Posted December 29, 2019 Posted December 29, 2019 If all attacks comes from the same ip address than you can block the ip address on your nginx/apache server block. if not and you need to block it on the code level, than you should make an override to ContactController postProcess function and check the email domain and block it there. $emailParts = explode( '@', $email_address ); $emailDomain = end($emailParts); if ($emailDomain == 'qq.com') { // do something }
AndyC Posted December 29, 2019 Author Posted December 29, 2019 Thanks will try code. I've added to controllers/ front / ContactController is this correct
DRMasterChief Posted December 29, 2019 Posted December 29, 2019 I started an idea/question here, but there was no ongoing about it.... i think this would be a good method, but need some help with:
AndyC Posted December 29, 2019 Author Posted December 29, 2019 If it was in the right place it's not working ..Got 5 more emails. I thought putting down my other website address as a email but that didn't help either
led24ee Posted December 29, 2019 Posted December 29, 2019 There is module for contact form re-capthca, this is only for contact form. For me this was helpful. This is not the same that is already in TB. This is separate module.
yaniv14 Posted December 30, 2019 Posted December 30, 2019 Its better to have it as an override. also delete cache/class_index.php file
AndyC Posted December 30, 2019 Author Posted December 30, 2019 Sorry to sound stupid but how do I do it as a override
yaniv14 Posted December 30, 2019 Posted December 30, 2019 (edited) create a file "ContactController.php" and place it inside "override/controllers/front" folder. the file should look like this. <?php class ContactController extends ContactControllerCore { public function postProcess() { $email_address = Tools::convertEmailToIdn(trim(Tools::getValue('from'))); $emailParts = explode( '@', $email_address ); $emailDomain = end($emailParts); if ($emailDomain == 'qq.com') { header('HTTP/1.1 403 FORBIDDEN'); header('Status: 403 No China here!!!'); header("Location: https://www.qq.com/"); } return parent::postProcess(); } } i think it should work, don't have time to test it right now. you should delete cache/class_index.php as well Edited December 30, 2019 by yaniv14 1
AndyC Posted December 30, 2019 Author Posted December 30, 2019 Thanks ...Will have a go this evening and see how it goes
AndyC Posted January 1, 2020 Author Posted January 1, 2020 Well either the emails have stopped or it's working as not received 1 of them for an hour thank you
AndyC Posted January 2, 2020 Author Posted January 2, 2020 LOL ..Looked this morning and had over 200 emails... I think it is down to my hosting .. As my other site stopped getting them once I moved over
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now