- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Store getting bombarded with mail.ru sign ups :(
I was just doing a lookup of a clients account in our customer database on my Magento 1.7.0.2 store and I noticed I now have almost 1900 accounts created... when last month I only had a few hundred. All of the latest accounts created on my store look to be generated from SPAM bots and they all are using the same russian mail.ru email hosting service. Has anyone seen this before? IS there a way to capture the IP address of each account sign up so I can block them on my firewall or integrate an invisible google capatcha when creating a new account?
Thanks
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: Store getting bombarded with mail.ru sign ups :(
Hi @smiller13,
A lot of stores got the same issue.
One solution could be to use this free module: https://amasty.com/magento-google-invisible-captcha.html
If not you can customize your registration process to validate or block those domains.
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: Store getting bombarded with mail.ru sign ups :(
I got the same problem. Thus, my clients have been deleted and lots of them have been unsubscribed from mailchimp lists.
I have to restore my clients database?
Today I have enabled captcha from admin.
Some one else with the same problem?
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: Store getting bombarded with mail.ru sign ups :(
I have the same issue. Hundred of fake customers with a yandex.ru email address. I must be very careful when I delete these customers. I'm always afraid to delete real customers. This spam is really annoying.
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: Store getting bombarded with mail.ru sign ups :(
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: Store getting bombarded with mail.ru sign ups :(
After looking at the POST data we are blocking these registration in our WAF
// Extra Magento POST variables if ( false !== strpos( $request_path, '/customer/account/createpost' ) && ( isset( $_POST['birthyear'] ) || isset( $_POST['sYear'] ) || isset( $_POST['year'] ) ) ) { return 'bad_request_post_magento_vars'; }
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: Store getting bombarded with mail.ru sign ups :(
Hi, can you elaborate on your solution. I am using magento 1.9 and Nginx, and CloudFlare.
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: Store getting bombarded with mail.ru sign ups :(
Hello Ray!
I use half of my WAF for WordPress in Magento 1
https://github.com/szepeviktor/wordpress-fail2ban/tree/master/block-bad-requests
Here you find the patch for Magento
https://github.com/szepeviktor/wordpress-fail2ban/tree/master/non-wp-projects/magento
If you need help handling PHP code please contact me.
All the best to you!