Jump to content

Recommended Posts

Posted (edited)

I've been dealing with incoming spam tickets for years. Usually I would only get a few per week, so I would just delete them and block senders.

Over the last year it's gotten far worse, as I might get several spam tickets in the course of an afternoon and far more than usual. This has been getting very annoying. So yesterday I configured all my support departments to require tickets be opened by registered users. This immediately helped eliminate these spam tickets.

The issue I am having now is that some spam still gets through from the pre-sales contact form, even with the captcha enabled. Have these spammers gotten so sophisticated that they are able to design bots that bypass the WHMCS captcha on the contact form? I am skeptical that it's some random user, as I've already received around 6 such spam messages via the contact form since yesterday.

How are you guys dealing with these spam issues?

 

Edited by apollo1

Share this post


Link to post
Share on other sites
Posted (edited)

Generally when it's someone abusing the contact form in this manner, I check IP addresses. It almost always is the same IP or one very near it that's hitting the form, so blocking that IP or CIDR range (IE: 123.123.123.0/28 which blocks 16 IPs) in your firewall will stop it. If it's a place you don't have customers from and are unlikely to in the future, a wider block may do, such as 123.123.123.0/24, which is 255. 

Edited by bear

Share this post


Link to post
Share on other sites
On 7/27/2019 at 1:37 PM, bear said:

Generally when it's someone abusing the contact form in this manner, I check IP addresses. It almost always is the same IP or one very near it that's hitting the form, so blocking that IP or CIDR range (IE: 123.123.123.0/28 which blocks 16 IPs) in your firewall will stop it. If it's a place you don't have customers from and are unlikely to in the future, a wider block may do, such as 123.123.123.0/24, which is 255. 

Thanks a lot bear for the tip.  I ended up just enabling the Google reCaptcha instead of the default captcha, and it's put a complete stop to the spam mails coming in from the pre-sales contact form.

 

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

  • Recently Browsing   0 members

    No registered users viewing this page.

×

Important Information

By using this site, you agree to our Terms of Use & Guidelines and understand your posts will initially be pre-moderated