Chinese spam from qq dot com through contact form

[AndyC]

OKkkkkk .. I completely removed the module ..Un-installed from admin/modules ..Went to ftp and removed there too checked database and found nothing ..Re-uploaded and installed again and is now working fine.

Thanks for the help in yet another of my many problems 

Edited May 13, 2020 by AndyC

[Wartin]

On 5/12/2020 at 6:55 PM, AndyC said:

 

class ContactController extends ContactControllerCore
{
    public function postProcess()
    {
        if(Tools::isSubmit('submitMessage')) {
 
            $message = Tools::getValue('message');
            $from = Tools::getValue('from');
 
            $banned_in_email = ['.ru', 'qq.com', '.vn', 'talkwithlead.com', 'talkwithwebvisitor.com', '.club', '.cn', 'arteseo.co'];
            $banned_content = ['email marketing', 'quotation', 'SEO', 'advertising', 'Clicks', 'Guaranteed', 'diet', 'sex', 'unlimited', 'medical'];
 
            foreach ($banned_in_email as $string) {
                if(strstr($from, $string))
                    $this->errors[] = Tools::displayError('This email address is not allowed');
            }
 
            foreach ($banned_content as $string) {
                if(strstr($message, $string))
                    $this->errors[] = Tools::displayError('Invalid Content');
            }
        }
        parent::postProcess();
    }

 

 

Hello. Today some bot created an account in my shop. The strange part is that the address is not yet published anywhere... but it's under an easy spanish word, 'MyHOST/tienda'.

So I started trying this override to be prepared if I start receiving spam from the Contact Form when the site goes online.

I created the file override/controllers/front/ContactController.php with the quoted class, I erased /cache/class_index.php.

but the override is not working. I introduce an explicit PHP error but the emails keep being sent. I cleaned Cache too. What could be wrong?

[Wartin]

On 7/8/2020 at 11:45 PM, Wartin said:

but the override is not working. I introduce an explicit PHP error but the emails keep being sent. I cleaned Cache too. What could be wrong?

Finally I could find it out. I installed overridecheck module. It shows every override and, of course, it didn't show ContactController.

I forgot to start the file with: <?php

:)

[Wartin]

My Contact Override now blocks emails from being sent and shows an error message if any of the strings forbidden are used in email address or message.

BUT, the message is listed in Backoffice.

How do I block them completely?

Thanks!

[AndyC]

Ever since I installed and setup No Captcha reCAPTCHA Module I have not received a single email. I was getting around a thousand a day

[Wartin]

On 7/12/2020 at 2:08 PM, Wartin said:

 

BUT, the message is listed in Backoffice.

How do I block them completely?

Hello, I'm still having this issue. I'm using the override that search some strings in the body of the message. When I write some of these forbidden keywords it shows (correctly) an error in the contact form:

The emails are not being sent, but the SPAM message is listed in backoffice:

My override finished with:

            foreach ($banned_content as $string) {
                if(strstr($message, $string))
                    $this->errors[] = Tools::displayError('Invalid Content');
            }
        }
        parent::postProcess();
    }

maybe it should return after calling displayError?

Thanks!

[datakick]

you can replace 

$this->errors[] = Tools::displayError('Invalid Content');

with

die(Tools::displayError('Invalid Content'));

The result will be ugly white page, but that's ok, since this should be visible to attackers only

[hojoos]

YouTube is full of videos for preparing such tasks, and you can pump knowledge in mobile applications. But there are also cheat-sheet sites that will help out when you urgently need to find literature for an essay or coursework, check your spelling or find a solution to a complex mathematical problem. We think you have such sites in mind. And if not, then you can always contact here fastessay.net/do-my-marketing-assignment.html. Any suggestions?

Edited September 28, 2020 by hojoos

[AndyC]

Found this page with what seems better result as it is TB friendly

https://www.prestashop.com/forums/topic/984993-free-module-advanced-security-module/

[Wartin]

13 hours ago, AndyC said:

Found this page with what seems better result as it is TB friendly

https://www.prestashop.com/forums/topic/984993-free-module-advanced-security-module/

Did you try it?

I like the override because it's real simple, you can add some strings and voilà, no more SPAM. The module seems to has much more functions than a simple override, I don't know if the free version is usable, I suppose they want to sell it...

Anyway, thanks for the post!

[AndyC]

Yeah I tried it. It is a older version and is only a free version (paid version has a lot more) it does let you use brute force protection , so you can only try so many times before it locks you out even if you put in the right password ..I haven't tried that yet .. But it also stops right clicking on your site, which I like. You can also check your files and Change file permissions to 644 and directory permissions to 755 .. ( don't know if that is a good or bad thing) and also can find files that should be deleted,,, Mine were mostly the read files (ie text files for instructions etc) .Everything else was PRO FEATURES and to buy was £69 

[Petter]

I have seen this Chinese spam before. If running on a Linux server, this spam is easy to block with Fail2Ban - no need for special modules  - just write a plain jail config for Fail2Ban

[alfonsolr09]

hi, did anyone find a solution to make the override work?

[bumankumar3]

I can't answer your question.

teatv apk

boi hrms

Edited September 28, 2021 by bumankumar3