cancel
Showing results for 
Search instead for 
Did you mean: 

BOTS Creating Customer Accounts

BOTS Creating Customer Accounts

As per the subject, I have bots creating new customer accounts on my site. Mostly sending messages to "mail.ru" addresses.

 

Anyway to stop these?

 

Thanks!

7 REPLIES 7

Re: BOTS Creating Customer Accounts

Hello @mdrucker 

 

Yes - this is known issue ! have seen few posted threads previously.

 

Here i am sharing one link - https://magento.stackexchange.com/questions/233368/prevent-spam-account-registration

 

Go with the posted solutions and implement it for the same - specifically you can go with Solution no 4 - Enable Magento Captcha or Google Captcha and block their ip on server level.

 

It will resolved your issue !

 

Hope it helps !

if issue solved,Click Kudos & Accept as Solution

Re: BOTS Creating Customer Accounts

Unfortunately the Captcha (at least the one built into Magento) and IP blocking has not worked.

 

They come every few hours and create 30-40 accounts. New IP is used every time.

Re: BOTS Creating Customer Accounts

Use Google Recaptcha 

 

https://github.com/magento/magespecialist_ReCaptcha/

Suman Kar(suman.jis@gmail.com) Magento Certified Developer Plus Skype: sumanphptech Problem solved? Please give 'Kudos' and accept 'Answer as Solution'.

Re: BOTS Creating Customer Accounts

Hi @mdrucker 

 

Here are some solution you can implement for prevent spam account registration

 

1. Enable Magento Captcha:

Enable Magento captcha from store configuration.


2. Pass encrypted string in phtml file:

<input name="form_key_hidden" type="hidden" value="<?php echo $FormKey->getFormKey().'259a8240fba23e82626efdc9eaa0c483';?>" />
and check in controller

$customformKey = $require->getParam('form_key_hidden');
if ($customformKey == $objectManager->create('\Magento\Framework\Data\Form\FormKey')->getFormKey() . '259a8240fba23e82626efdc9eaa0c483') {
//
// default code
//
}


3. Update fields limitation rules from database:

Update directly in the customer_eav_attribute table, update rows with attribute_id=5 [firstname] and attribute_id=7 [lastname] and replace 255 by 25 :

 

a:2:{s:15:"max_text_length";i:255;s:15:"min_text_length";i:1;} (before update/ bydefault)
a:2:{s:15:"max_text_length";i:25;s:15:"min_text_length";i:1;} (modified)


4. Add Google Captcha:

Magento provides limited form's captcha , for custom form either we need to custom code for magento captcha or add google captcha.


5. Block IP address:

Check that every time bot is running from same ip then block that ip from your .htaccess file
Example: Deny from 000.000.00.111


I hope all above solutions will help you.

 

Thanks

 

If issue solved, Click Kudos & Accept as Solution

Re: BOTS Creating Customer Accounts

There are some solutions I have applied and its working for me.


https://community.magento.com/t5/Magento-2-x-Technical-Issues/Prevent-Spam-Account-Registration-and-...

if issue solved,Click Kudos & Accept as Solution

Re: BOTS Creating Customer Accounts

Tried turning on Google invisible Capcha, then no customer could login. Can you please advise? I appreciate your help.

 

Re: BOTS Creating Customer Accounts

This can happen if you have regular captcha enabled in Stores > Configuration > Customers

 

If the sign in form is from a custom theme, the custom theme may not support recatpcha login. Easiest thing to do would be to delete the file from your theme and use the default login file.