cancel
Showing results for 
Search instead for 
Did you mean: 

Prevent Spam Account Registration and newsletter subscription

SOLVED

Prevent Spam Account Registration and newsletter subscription

Hello,
My website has a lot of spam bots registration through customer registration form:

there are some  securities I have applied like:
1. I have enabled Magento captcha.

2. I have passed encrypted string in phtml file.

<input name="form_key_hidden" type="hidden" value="<?php echo $FormKey->getFormKey().'259a8240fba23e82626efdc9eaa0c483';?>" />

and check in controller

 $customformKey = $require->getParam('form_key_hidden');
if ($customformKey == $objectManager->create('\Magento\Framework\Data\Form\FormKey')->getFormKey() . '259a8240fba23e82626efdc9eaa0c483') {

//
 // default code
//
}

 though lots of bot customer registration found. Is there any other solution to prevent bot spam customers and fake newsletter registration in Magento 2 ?

if issue solved,Click Kudos & Accept as Solution
1 ACCEPTED SOLUTION

Accepted Solutions

Re: Prevent Spam Account Registration and newsletter subscription

There was my mistake in code above solutions are working fine.

There are some solution you can implement for prevent spam account regstration

1.  Enable Magento captcha.

         Enable Magento captcha from store configuration.

 

2.  Pass encrypted string in phtml file.

 

<input name="form_key_hidden" type="hidden" value="<?php echo $FormKey->getFormKey().'259a8240fba23e82626efdc9eaa0c483';?>" />

and check in controller

 $customformKey = $require->getParam('form_key_hidden');
if ($customformKey == $objectManager->create('\Magento\Framework\Data\Form\FormKey')->getFormKey() . '259a8240fba23e82626efdc9eaa0c483') {

//
 // default code
//
}

3. Update fields limitation rules from database :

            Update directly in the customer_eav_attribute table, update rows with attribute_id=5 [firstname] and attribute_id=7 [lastname] and replace 255 by 25 :

 

  • a:2:{s:15:"max_text_length";i:255;s:15:"min_text_length";i:1;} (before update/ bydefault)
  •  a:2:{s:15:"max_text_length";i:25;s:15:"min_text_length";i:1;} (modified)

4. add Google captcha

      Magento provides limited form's captcha , for custom form either we need to custom code for magento captcha or add google captcha.

 

5. block IP address

    Check that every time bot is running from same ip then block that ip from your .htaccess file
like:

Deny from 000.000.00.111

I have used above all solution and it works fine.

if issue solved,Click Kudos & Accept as Solution

View solution in original post

5 REPLIES 5

Re: Prevent Spam Account Registration and newsletter subscription

There was my mistake in code above solutions are working fine.

There are some solution you can implement for prevent spam account regstration

1.  Enable Magento captcha.

         Enable Magento captcha from store configuration.

 

2.  Pass encrypted string in phtml file.

 

<input name="form_key_hidden" type="hidden" value="<?php echo $FormKey->getFormKey().'259a8240fba23e82626efdc9eaa0c483';?>" />

and check in controller

 $customformKey = $require->getParam('form_key_hidden');
if ($customformKey == $objectManager->create('\Magento\Framework\Data\Form\FormKey')->getFormKey() . '259a8240fba23e82626efdc9eaa0c483') {

//
 // default code
//
}

3. Update fields limitation rules from database :

            Update directly in the customer_eav_attribute table, update rows with attribute_id=5 [firstname] and attribute_id=7 [lastname] and replace 255 by 25 :

 

  • a:2:{s:15:"max_text_length";i:255;s:15:"min_text_length";i:1;} (before update/ bydefault)
  •  a:2:{s:15:"max_text_length";i:25;s:15:"min_text_length";i:1;} (modified)

4. add Google captcha

      Magento provides limited form's captcha , for custom form either we need to custom code for magento captcha or add google captcha.

 

5. block IP address

    Check that every time bot is running from same ip then block that ip from your .htaccess file
like:

Deny from 000.000.00.111

I have used above all solution and it works fine.

if issue solved,Click Kudos & Accept as Solution

Re: Prevent Spam Account Registration and newsletter subscription

Hi,

   For number 3. my attribute id=5 and id=7 shows only the following:

input_filter: trim

validate_rules:{"max_text_length";i:255;s:15:"min_text_length";i:1;}

 

How should I edit it? Thanks a lot.

Magento version: 2.2.6

 

 

 

==================================================================

3. Update fields limitation rules from database :

            Update directly in the customer_eav_attribute table, update rows with attribute_id=5 [firstname] and attribute_id=7 [lastname] and replace 255 by 25 :

 

  • a:2:{s:15:"max_text_length";i:255;s:15:"min_text_length";i:1;} (before update/ bydefault)
  •  a:2:{s:15:"max_text_length";i:25;s:15:"min_text_length";i:1;} (modified)

Re: Prevent Spam Account Registration and newsletter subscription

Hi @kris_wen,
Just replace '25' to 255.

 

after modification your data will be looks like:
a:2:{s:15:"max_text_length";i:25;s:15:"min_text_length";i:1;}

if issue solved,Click Kudos & Accept as Solution

Re: Prevent Spam Account Registration and newsletter subscription

What phtml  File exactly?

Re: Prevent Spam Account Registration and newsletter subscription

 

Hi,

I am using now Magento 2.2.10

The Entry in my customer_eav_attribute table looks like:

{"max_text_length":255,"min_text_length":1} 

and a change to 25 has no effect.

If I enter what you suggest above give me the error:

1 exception(s):

Exception #0 (InvalidArgumentException): Unable to unserialize value. Error: Syntax error

<pre>#1 Magento\Eav\Model\Attribute->getValidateRules() called at [vendor/magento/module-customer/Model/AttributeMetadataConverter.php:90]

#2 ….

What can I do?

Thanks

Angelika