vi-solutions
Software + Internet

Joomla 5 Notice

We are pleased to announce that as of January 29, 2024, all of our Joomla extensions are compatible with Joomla 5.

For all who are still updateing from Joomla 3 to Joomla 4: Joomla 4 Migration instructions are available here:

There is now a separate Documentation for Visforms for Joomla 4 and for Visforms for Joomla 5!

Forum

Visforms Subscription user can ask questions in our forum. Please log in with the relevant user first.
Everybody can access the forum for reading.

Please only ask 1 question per topic.

Still getting spam

More
1 month 3 weeks ago - 1 month 3 weeks ago #10140 by twisterking
Still getting spam was created by twisterking
I'm using Visforms 4.4.1. and Visforms Subscription 4.4.1 on a Joomal site version 5.0.3.

I have two contact forms on this website (two different languagues) and both forms get spammed a lot.
Spambotcheck is active and I have also added a honeypot.

For some reason both measurements are not enough to stop the spam on this particular website. I have the same contactform setup on other websites and even without the honeypot they have no spammers.
Attachments:
Last edit: 1 month 3 weeks ago by twisterking. Reason: added a file

More
1 month 3 weeks ago #10141 by Administrator IV
Replied by Administrator IV on topic Still getting spam
Hello twisterking,

If I were you, I would proceed as follows in this case.

A1: Are the latest spammers listed with their IPs in the activated spam databases?

By far the most interesting thing about a spammer is his IP.
Check the spam databases used/activated to see whether your spammers' IPs are listed there.
Unfortunately, in your screenshot, the column with the IPs on the right can no longer be seen.

A2: Do Visforms spam protection settings actually work as expected?

I can provide a tiny plugin for testing the 'SpambotCheck' in Visforms.
It is part of our independent plugin 'SpambotCheck':
vi-solutions.de/en/joomla-plugin-plgspambotcheck

The tiny test plugin allows you to specify an IP address.
The plugin then emulates at a very high level as if all requests to the Joomla instance were coming from this IP address.
This means that the correct functioning of the spam protection can also be checked in Visforms

You can use an IP address that is actively listed as the IP address and enter it in the plugin configuration.
All of this also works on a local test installation.

Our standalone plugin 'SpambotCheck' also takes care of user login and registration.

A3: Would the cryptic names also be recognized programmatically?
Apparently, strikingly cryptic names are entered.
If this cryptic form is detectable programmatically or even through a RegEx expression, I could extend the spam protection to include this check.
It is not trivial to distinguish with sufficient certainty cryptic names from real entries, which can also look quite strange.

A4: Would a field with the content 'First Name Last Name' be possible?
A test for the space character as a custom validation could detect and prevent this type of cryptic spammer entries in your case.
Using custom validation:
docs.joomla-5.visforms.vi-solutions.de/e...of-custom-validation

Kind regards, Ingmar
:idea: I recommend you the new and up-to-date documentation for Joomla 4:
docs.joomla-5.visforms.vi-solutions.de/en/docs/
Most of this also applies retrospectively to Joomla 3.
Please only ask 1 question per topic :-).

:idea: Ich empfehle Dir die neue und aktuelle Dokumentation für Joomla 4:
docs.joomla-5.visforms.vi-solutions.de/docs/
Das meiste gilt rückwirkend auch für Joomla 3.
Bitte immer nur 1 Frage pro Thema stellen :-).

More
1 month 3 weeks ago #10142 by twisterking
Replied by twisterking on topic Still getting spam
I have checked the used IP's against the DNSBL, only one of them is listed in a single database.

But the spammers are also able to pass the honeypot. The honeypot field is filled with an email address and still the form could be submitted, which should not have been possible since the honeypotfield is not empty.

More
1 month 3 weeks ago #10143 by Administrator IV
Replied by Administrator IV on topic Still getting spam
Hello twisterking,

can you export the form without the data and send me the JSON file?

If necessary, use the following platform: wetransfer.com/
Use the forum email address as the recipient: forum (--at--) vi-solutions.de.

Kind regards, Ingmar
:idea: I recommend you the new and up-to-date documentation for Joomla 4:
docs.joomla-5.visforms.vi-solutions.de/en/docs/
Most of this also applies retrospectively to Joomla 3.
Please only ask 1 question per topic :-).

:idea: Ich empfehle Dir die neue und aktuelle Dokumentation für Joomla 4:
docs.joomla-5.visforms.vi-solutions.de/docs/
Das meiste gilt rückwirkend auch für Joomla 3.
Bitte immer nur 1 Frage pro Thema stellen :-).

More
1 month 3 weeks ago #10144 by twisterking
Replied by twisterking on topic Still getting spam
Mail has been sent!

More
1 month 3 weeks ago #10145 by Administrator IV
Replied by Administrator IV on topic Still getting spam
Hello twisterking,

Thank you very much for the form!

I imported it and tested it.
The honey pot works perfectly as you described.

So if the form can still be sent, then it will be sent
- not directly via the form
- but as a pure GET request
- without JavaScript involved
- sent by pure software.

Apparently this spammer group is not yet listed in the DNSBL.

Quote: The honeypot field is filled with an email address.

In this case it is possible with an individual Visforms custom plugin in the backend
- before saving the data
- with PHP in the backend
- check the honey pot
- and if it is filled
- carry out a suitable redirect
- or ignore the request completely.

The documentation describes how to create a 'Visforms Custom Plugin'.
Custom Plugin Creation:
docs.joomla-4.visforms.vi-solutions.de/e...-plugin-development/
Custom Plugin Event System:
docs.joomla-4.visforms.vi-solutions.de/e...-plugin-development/
There is a complete custom plugin with all events and help functions as a template that comes with the installation of Visforms:
docs.joomla-4.visforms.vi-solutions.de/e...-plugin-development/

The developer can then decide for himself what else should happen.
Creating a custom plugin requires some PHP development experience on Joomla.

If you need help developing the plugin, we can help you with that - even with the complete implementation.
Please understand that we have to calculate this effort at our current hourly rate of 75 euros plus VAT and at least 1 hour.

Kind regards, Ingmar
:idea: I recommend you the new and up-to-date documentation for Joomla 4:
docs.joomla-5.visforms.vi-solutions.de/en/docs/
Most of this also applies retrospectively to Joomla 3.
Please only ask 1 question per topic :-).

:idea: Ich empfehle Dir die neue und aktuelle Dokumentation für Joomla 4:
docs.joomla-5.visforms.vi-solutions.de/docs/
Das meiste gilt rückwirkend auch für Joomla 3.
Bitte immer nur 1 Frage pro Thema stellen :-).

Moderators: Administrator AVAdministrator IV
Powered by Kunena Forum

Visforms Subscription

Visforms Extensions

Useful extensions for Visforms which enable you to integrate your forms perfectly into your website and to perform special tasks which turn Visforms into much more than just a form generator.

Info