Hacking / Phishing

[Ian Ashton]

Over the past few days ( 1-10 dec 2025) we've been getting 'bogus' customer registrations. 

Problem: Bogus Registrations.pdf

No orders or addresses. They come from a selection of IP addresses - some of which appear in blacklists.

The Name and Surname fields look very odd. Or it's just a BOT generating random strings. The emails look valid - stolen from somewhere else???

Anyone else seen this?

Can we do anything about it? Just deleting them every day at the moment.

 

 

[the.rampage.rado]

https://github.com/eschiendorfer/genzo_turnstile

Do you have this module for turnstile in FO? If not, I highly recommend installing it and checking if the bots will stop.

[Yabber]

Not all stores use Clodflare.

The module from the thirtybees repository “nocaptcharecaptcha” also secures the customer registration form.

[the.rampage.rado]

Not all stores use google accounts. 🙂

Turnstile is separate service from Cloudflare. There is no need for your store to be behind it to use Turnstile. Yes, account with them is needed but I advised for this module as it offers smoother flow for the real customers imho.

[Ian Ashton]

I did have the No Captcha reCAPTCHA Module installed BUT not activated for Registration - so I've now done that. Many thanks.

What's your take on Cloudflare+Turnstile ? Do You think  Turnstile will  appear in Thirty Bees in the future?

 

 

[the.rampage.rado]

1 hour ago, Ian Ashton said:

I did have the No Captcha reCAPTCHA Module installed BUT not activated for Registration - so I've now done that. Many thanks.

What's your take on Cloudflare+Turnstile ? Do You think  Turnstile will  appear in Thirty Bees in the future?

 

 

The module in github from above is for thirty bees and it works flawlessly.

[Yabber]

Personally, I think Turnstile is MUCH better than Google reCaptcha. It's also worth considering changing your anti-spam security.

[DRMasterChief]

we are using Turnstile and it is highly recommended by us  (you have to register at Cloudflare, but this is quickly done and ok),

>> and have a look at  Blackhole for Bad Bots - thirty bees store  also,  this is very useful too !!

[nickz]

To avoid phishing: have a low cost laptop handle only your emails. No other connection to shops, banks should be on the laptop. 
Use another laptop where you don't enter emails. It is best to use a Linux distro to access your shops, banks and all other financial tools. 

Cloudflare delays visitors, so there is no sense to make your shop fast and set cloudflare, just to let clients solve riddles.  

Edited Monday at 04:55 PM by nickz

[DRMasterChief]

I disagree with Cloudflare here; purely for the captcha, for example in the contact form, the speed via Cloudflare is not a problem, you don't notice any problematic delay.

[nickz]

5 minutes ago, DRMasterChief said:

I disagree with Cloudflare here; purely for the captcha, for example in the contact form, the speed via Cloudflare is not a problem, you don't notice any problematic delay.

Sure as a shop owner you seem to forget the penance users have to go thru. 
Compare drop out rates with Cloudflare vs without, Everything what for you is easy is more difficult for others, 

How can you disagree if I have to go thru a procedere to get to see a site with cloudflare? 

[DRMasterChief]

Please read. Many people only use the CAPTCHA for the contact form, not for the entire shop (why would they??).

We also have one, but ONLY for the form, not for the shopping cart, etc., and there are no problems.

Anyone who needs to use other Cloudflare services (e.g., load balancing) is unlikely to be on this forum and using ThirtyBees (even though it would be nice).

And yes, we know exactly what it's like for users. Firstly, we're all internet users ourselves, and secondly, we test all the functions of our shop with different device views.