cancel
Showing results for 
Search instead for 
Did you mean: 

Store getting bombarded with mail.ru sign ups :(

Store getting bombarded with mail.ru sign ups :(

I was just doing a lookup of a clients account in our customer database on my Magento 1.7.0.2 store and I noticed I now have almost 1900 accounts created... when last month I only had  a few hundred.  All of the latest accounts created on my store look to be generated from SPAM bots and they all are using the same russian mail.ru email hosting service.  Has anyone seen this before?  IS there a way to capture the IP address of each account sign up so I can block them on my firewall or integrate an invisible google capatcha when creating a new account?

 

Thanks

Tags (1)
5 REPLIES

Re: Store getting bombarded with mail.ru sign ups :(

Hi @smiller13,

 

A lot of stores got the same issue.

One solution could be to use this free module: https://amasty.com/magento-google-invisible-captcha.html

 

If not you can customize your registration process to validate or block those domains.

--
If you've found one of my answers useful, please give "Kudos" or "Accept as Solution"

Re: Store getting bombarded with mail.ru sign ups :(

I got the same problem. Thus, my clients have been deleted and lots of them have been unsubscribed from mailchimp lists. 

I have to restore my clients database?

Today I have enabled captcha from admin. 

Some one else with the same problem?

Re: Store getting bombarded with mail.ru sign ups :(

I have the same issue. Hundred of fake customers with a yandex.ru email address. I must be very careful when I delete these customers. I'm always afraid to delete real customers. This spam is really annoying.

Maxime Coudreuse, developer of Product Manager for Magento: User-friendly product editor with customizable grid interface and category tree for Magento 1 and 2

Re: Store getting bombarded with mail.ru sign ups :(

Hi @Benabee,

 

The Invisible Captcha solution wasn't useful for you?

 

--
If you've found one of my answers useful, please give "Kudos" or "Accept as Solution"

Re: Store getting bombarded with mail.ru sign ups :(

After looking at the POST data we are blocking these registration in our WAF

 

// Extra Magento POST variables
if ( false !== strpos( $request_path, '/customer/account/createpost' )
    && ( isset( $_POST['birthyear'] ) ||  isset( $_POST['sYear'] ) || isset( $_POST['year'] ) )
) {
    return 'bad_request_post_magento_vars';
}