I was just doing a lookup of a client's account in our customer database on my Magento 1.7.0.2 store and I noticed I now have almost 1900 accounts created... when last month I only had a few hundred. All of the latest accounts created on my store look to be generated by spam bots, and they are all using the same Russian mail.ru email hosting service. Has anyone seen this before? Is there a way to capture the IP address of each account sign-up so I can block them on my firewall, or to integrate an invisible Google captcha when creating a new account?
Thanks
Hi @smiller13,
A lot of stores got the same issue.
One solution could be to use this free module: https://amasty.com/magento-google-invisible-captcha.html
If not, you can customize your registration process to validate or block those domains.
I got the same problem. Thus, my clients have been deleted and lots of them have been unsubscribed from Mailchimp lists.
Do I have to restore my clients' database?
Today I have enabled captcha from admin.
Someone else with the same problem?
I have the same issue. Hundreds of fake customers with a yandex.ru email address. I must be very careful when I delete these customers. I'm always afraid to delete real customers. This spam is really annoying.
After looking at the POST data, we are blocking these registrations in our WAF:
// Extra Magento POST variables
if ( false !== strpos( $request_path, '/customer/account/createpost' )
    && ( isset( $_POST['birthyear'] )
        || isset( $_POST['sYear'] )
        || isset( $_POST['year'] )
    )
) {
    return 'bad_request_post_magento_vars';
}
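An added example, not part of the posts above and not code from the linked project: a standalone PHP pre-check that combines the extra-POST-field test with the email-domain blocking suggested earlier in the thread, and records the client IP with each decision. The function name, the blocklist contents, the reason strings other than `bad_request_post_magento_vars` and the sample requests are assumptions.

```php
<?php
// Added example. Assumption: the store's own registration form never submits
// birthyear, sYear or year, so their presence marks an automated request.

/**
 * Return a reason string when a registration POST should be rejected,
 * or null when it should pass through to Magento.
 */
function check_registration_request($requestPath, array $post, array $blockedDomains)
{
    // Only inspect the account-creation endpoint named in the thread.
    if (false === stripos($requestPath, '/customer/account/createpost')) {
        return null;
    }
    // Extra POST variables seen in the bot submissions.
    foreach (array('birthyear', 'sYear', 'year') as $field) {
        if (isset($post[$field])) {
            return 'bad_request_post_magento_vars';
        }
    }
    // Compare the domain part of the address with the blocklist,
    // ignoring case and a trailing dot.
    $email = (isset($post['email']) && is_string($post['email'])) ? trim($post['email']) : '';
    $at = strrpos($email, '@');
    if (false === $at) {
        return 'bad_request_missing_email';
    }
    $domain = strtolower(rtrim(substr($email, $at + 1), '.'));
    if (in_array($domain, $blockedDomains, true)) {
        return 'bad_request_blocked_email_domain';
    }
    return null;
}

// Constructed sample requests (documentation IP ranges), not captured traffic.
$blocked = array('mail.ru', 'yandex.ru');
$samples = array(
    array('ip' => '198.51.100.7', 'post' => array('email' => 'a@example.com', 'sYear' => '1990')),
    array('ip' => '198.51.100.8', 'post' => array('email' => 'b@MAIL.ru')),
    array('ip' => '203.0.113.20', 'post' => array('email' => 'customer@example.org')),
);
foreach ($samples as $s) {
    $reason = check_registration_request('/customer/account/createpost/', $s['post'], $blocked);
    // Live code would read $_SERVER['REMOTE_ADDR']; behind a reverse proxy
    // that value is the proxy's address, not the visitor's.
    printf("%s %s\n", $s['ip'], null === $reason ? 'pass' : $reason);
}
```

Logging the reason next to the IP gives a list that can be reviewed before any address is blocked at the firewall, and a domain blocklist will also reject real customers who use those providers.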
Hi, can you elaborate on your solution? I am using Magento 1.9, Nginx, and CloudFlare.
Hello Ray!
I use half of my WAF for WordPress in Magento 1
https://github.com/szepeviktor/wordpress-fail2ban/tree/master/block-bad-requests
Here you find the patch for Magento
https://github.com/szepeviktor/wordpress-fail2ban/tree/master/non-wp-projects/magento
If you need help handling PHP code please contact me.
All the best to you!