Solved: Re: Prevent Spam Account Registration and newslett...

nimita · ‎11-27-2018

Hello,
My website has a lot of spam bots registration through customer registration form:

there are some securities I have applied like:
1. I have enabled Magento captcha.

2. I have passed encrypted string in phtml file.

<input name="form_key_hidden" type="hidden" value="<?php echo $FormKey->getFormKey().'259a8240fba23e82626efdc9eaa0c483';?>" />

and check in controller

 $customformKey = $require->getParam('form_key_hidden');
if ($customformKey == $objectManager->create('\Magento\Framework\Data\Form\FormKey')->getFormKey() . '259a8240fba23e82626efdc9eaa0c483') {

//
 // default code
//
}

though lots of bot customer registration found. Is there any other solution to prevent bot spam customers and fake newsletter registration in Magento 2 ?

if issue solved,Click Kudos & Accept as Solution

nimita · ‎11-27-2018

There was my mistake in code above solutions are working fine.

There are some solution you can implement for prevent spam account regstration

1. Enable Magento captcha.

Enable Magento captcha from store configuration.

2. Pass encrypted string in phtml file.

<input name="form_key_hidden" type="hidden" value="<?php echo $FormKey->getFormKey().'259a8240fba23e82626efdc9eaa0c483';?>" />

and check in controller

 $customformKey = $require->getParam('form_key_hidden');
if ($customformKey == $objectManager->create('\Magento\Framework\Data\Form\FormKey')->getFormKey() . '259a8240fba23e82626efdc9eaa0c483') {

//
 // default code
//
}

3. Update fields limitation rules from database :

Update directly in the customer_eav_attribute table, update rows with attribute_id=5 [firstname] and attribute_id=7 [lastname] and replace 255 by 25 :

a:2:{s:15:"max_text_length";i:255;s:15:"min_text_length";i:1;} (before update/ bydefault)
a:2:{s:15:"max_text_length";i:25;s:15:"min_text_length";i:1;} (modified)

4. add Google captcha

Magento provides limited form's captcha , for custom form either we need to custom code for magento captcha or add google captcha.

5. block IP address

Check that every time bot is running from same ip then block that ip from your .htaccess file
like:

Deny from 000.000.00.111

I have used above all solution and it works fine.

if issue solved,Click Kudos & Accept as Solution

View solution in original post

nimita · ‎11-27-2018

There was my mistake in code above solutions are working fine.

There are some solution you can implement for prevent spam account regstration

1. Enable Magento captcha.

Enable Magento captcha from store configuration.

2. Pass encrypted string in phtml file.

<input name="form_key_hidden" type="hidden" value="<?php echo $FormKey->getFormKey().'259a8240fba23e82626efdc9eaa0c483';?>" />

and check in controller

 $customformKey = $require->getParam('form_key_hidden');
if ($customformKey == $objectManager->create('\Magento\Framework\Data\Form\FormKey')->getFormKey() . '259a8240fba23e82626efdc9eaa0c483') {

//
 // default code
//
}

3. Update fields limitation rules from database :

Update directly in the customer_eav_attribute table, update rows with attribute_id=5 [firstname] and attribute_id=7 [lastname] and replace 255 by 25 :

a:2:{s:15:"max_text_length";i:255;s:15:"min_text_length";i:1;} (before update/ bydefault)
a:2:{s:15:"max_text_length";i:25;s:15:"min_text_length";i:1;} (modified)

4. add Google captcha

Magento provides limited form's captcha , for custom form either we need to custom code for magento captcha or add google captcha.

5. block IP address

Check that every time bot is running from same ip then block that ip from your .htaccess file
like:

Deny from 000.000.00.111

I have used above all solution and it works fine.

if issue solved,Click Kudos & Accept as Solution

kris_wen · ‎03-07-2019

Hi,

For number 3. my attribute id=5 and id=7 shows only the following:

input_filter: trim

validate_rules:{"max_text_length";i:255;s:15:"min_text_length";i:1;}

How should I edit it? Thanks a lot.

Magento version: 2.2.6

==================================================================

3. Update fields limitation rules from database :

Update directly in the customer_eav_attribute table, update rows with attribute_id=5 [firstname] and attribute_id=7 [lastname] and replace 255 by 25 :

a:2:{s:15:"max_text_length";i:255;s:15:"min_text_length";i:1;} (before update/ bydefault)
a:2:{s:15:"max_text_length";i:25;s:15:"min_text_length";i:1;} (modified)

nimita · ‎03-14-2019

Hi @kris_wen,
Just replace '25' to 255.

after modification your data will be looks like:
a:2:{s:15:"max_text_length";i:25;s:15:"min_text_length";i:1;}

if issue solved,Click Kudos & Accept as Solution

benjamin _sernji · ‎05-22-2019

What phtml File exactly?

cf_camper · ‎03-30-2020

Hi,

I am using now Magento 2.2.10

The Entry in my customer_eav_attribute table looks like:

{"max_text_length":255,"min_text_length":1}

and a change to 25 has no effect.

If I enter what you suggest above give me the error:

1 exception(s):

Exception #0 (InvalidArgumentException): Unable to unserialize value. Error: Syntax error

<pre>#1 Magento\Eav\Model\Attribute->getValidateRules() called at [vendor/magento/module-customer/Model/AttributeMetadataConverter.php:90]

#2 ….

What can I do?

Thanks

Angelika

Prevent Spam Account Registration and newsletter subscription

Prevent Spam Account Registration and newsletter subscription

Re: Prevent Spam Account Registration and newsletter subscription

Re: Prevent Spam Account Registration and newsletter subscription

Re: Prevent Spam Account Registration and newsletter subscription

Re: Prevent Spam Account Registration and newsletter subscription

Re: Prevent Spam Account Registration and newsletter subscription

Re: Prevent Spam Account Registration and newsletter subscription