Jump to content
nimafire

How stop ticket spammer !!!!

Recommended Posts

Hey

its near 1 week we have weird ticket that opens 3 times per day

i have attach today ticket:

ive check mailbox and these arent import by email, no email regard this receive in inbox and spam box

we have google captcha, ive also change it to whmc default type and nothing change

blocks ender isnt work and nothing block by whmcs

i cant find anything about these in whmcs activity log

spam.jpg

Share this post


Link to post
Share on other sites

There is nothing in the email import logs for those?
 

Share this post


Link to post
Share on other sites

no nothing,

also no email store in inbox of account

seems it opens via system, like bypass capctcha

Share this post


Link to post
Share on other sites

Generally the email import grabs the message and deletes the copy on the server (if using POP import). If using the pipe method, it isn't stored on the mail server at all. I'd say your thought that they're visiting the page is correct, if it's not in the WHMCS mail import log. 

How do you know they're bypassing the Captcha, just because of the odd subjects and so on? If you have access, you might want to look through the server logs and find out who is hitting that form to submit, and see if that's something you can block.

Share this post


Link to post
Share on other sites

ive use FW method for importing email into ticket system.

so this is why ive say it might be bypassing captcha and opening ticket is the only way they send these tickets,

 

Share this post


Link to post
Share on other sites

The FW method is piping, and no messages should be saving to an email inbox unless you have some other mechanism in place to copy it there too.

Share this post


Link to post
Share on other sites
On 11/29/2019 at 12:53 PM, nimafire said:

no nothing,

also no email store in inbox of account

seems it opens via system, like bypass capctcha

I had a similar issue a couple weeks ago the tickets weren't coming in via email I searched every log and blocked every sender, the entire TLD (.ru) tickets kept coming. I finally blocked the IP and it stopped immediately. 

Share this post


Link to post
Share on other sites

these emails are not import by email, ive stop any piping and also remove email account from server, still receive these tickets.

these are sent from different ip and domain however ive block entire .ru domain in the past,

im think are they bypass captcha or theme code to send these tickets?

Share this post


Link to post
Share on other sites
6 hours ago, nimafire said:

these emails are not import by email, ive stop any piping and also remove email account from server, still receive these tickets.

if piping is now disabled, and therefore clients need to come to the site to open a ticket, why not make the support departments client only - that means, that the user will need to login to open a ticket... which these spammers should be unable to do.

6 hours ago, nimafire said:

im think are they bypass captcha or theme code to send these tickets?

it's not impossible to bypass google captcha - there are plugins available to do that and I tried them on a v7.7 (or maybe v7.6) dev earlier in the year, and I could bypass it... the same probably applies to invisible v3 too - you could try switching the site to use v3 inviable instead and see if that makes any difference (i'm assuming you're still using the old v2 "not a robot" checkbox reCAPTCHA option).

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

  • Recently Browsing   0 members

    No registered users viewing this page.

×

Important Information

By using this site, you agree to our Terms of Use & Guidelines and understand your posts will initially be pre-moderated