Jump to content

Spam tickets via submitticket.php

sahostking

By sahostking
in General Discussion

 Share

Recommended Posts

sahostking Senior Member

sahostking

Posted
Posted

Hi guys,

 

Getting some tickets directly through ticket system.

 

Anyway to block it. Example below:

 

Ticket #391407 has been opened by Bubba.

Client: Bubba

Department: Support

Subject: uhWPANJqZWd

Priority: Medium

what is considered a sports car

________________________________________

IP Address: 188.143.232.32

 

 

Logs below:

 

apache2/domlogs/ourdomain/my.ourdomain.co.za:188.143.234.155 - - [10/Oct/2016:21:40:07 +0200] "GET /submitticket.php?step=2&deptid=1&language=german HTTP/1.1" 200 6891 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:41.0) Gecko/20100101 Firefox/41.0"

apache2/domlogs/ourdomain/my.ourdomain.co.za:188.143.234.155 - - [10/Oct/2016:21:40:09 +0200] "GET /includes/verifyimage.php HTTP/1.1" 200 1649 "http://my.ourdomain.co.za/submitticket.php?step=2&deptid=1&language=german" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:41.0) Gecko/20100101 Firefox/41.0"

apache2/domlogs/ourdomain/my.ourdomain.co.za:188.143.234.155 - - [10/Oct/2016:21:40:11 +0200] "POST /submitticket.php?step=3 HTTP/1.1" 302 0 "http://my.ourdomain.co.za/submitticket.php?step=2&deptid=1&language=german" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:41.0) Gecko/20100101 Firefox/41.0"

apache2/domlogs/ourdomain/my.ourdomain.co.za:188.143.234.155 - - [10/Oct/2016:21:40:14 +0200] "GET /submitticket.php?step=4 HTTP/1.1" 200 5909 "http://my.ourdomain.co.za/submitticket.php?step=2&deptid=1&language=german" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:41.0) Gecko/20100101 Firefox/41.0"

0
Link to comment
Share on other sites
WHMCS ChrisD Senior Member

WHMCS ChrisD

Posted
Posted

Hello Sahostking,

 

Thanks for your post.

 

Please refer to http://docs.whmcs.com/Spam_Control for our built in spam control tools. In addition if these are coming in via the support portal you may wish to consider enabling Google ReCAPTCHA under Setup -> General Settings -> Security and set it to Always on until the spam levels reduce a bit

0
Link to comment
Share on other sites
twhiting9275 Senior Member

twhiting9275

Posted
Posted

The most effective way to block this is going to be , as Chris mentioned, recapcha.

Additionally, you can require client login for the support area. This is probably going to be your best bet.

For those that you don't want clients to login (ie: maybe sales / abuse), hide them from the client area so that these can't be abused. You'll have to rely on server level filtering there

0
Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...

Important Information

By using this site, you agree to our Terms of Use & Guidelines and understand your posts will initially be pre-moderated

  I accept