Jump to content

dealing with fake/spam orders


Recommended Posts

3 hours ago, rockhost said:

Hi again, I just wanted to follow up on my previous response, just in case anyone else experiences the same issue. I found the WHMCS help article regarding custom client fields. Unfortunately, implementing this did NOT work => https://help.whmcs.com/m/64764/l/878335 

I have recaptcha and the required custom client field in place. I have also disabled "Allow Client Registration".

Yet still, the spammy client registrations continue...

I tried custom field too with no results. hcaptcha is the only (easy and free) way I solved. recaptcha v3 might also be a good option, but I can't use it as it block some inbound links to domain registration page.

If you try hcaptcha let us know if it solved.

Probably email account activation before purchase submission would also be a good option, but it's not there yet...
https://requests.whmcs.com/idea/force-email-verification-before-account-provisioning

Link to comment
Share on other sites

Update! I am not sure why I didn't try this first, but switching from reCaptcha v2 to the Invisible Captcha has fixed the issue. I was about to try the CloudFlare Turnstile...

Anyway, thanks for your comments and help! I bought myself a little time to prepare for the upgrade to 8.13.

Cheers!

Link to comment
Share on other sites

Well crap, I spoke too soon. I was still using the reCaptcha v2 secret key after switching to the Invisible reCaptcha option in WHMCS's General Settings. I.e. No client registrations were going through. Period. Bots or human beings. Everything broke. Once I updated the secret key to match the Invisible reCaptcha option, the spamming returned, as did regular functionality for real clients.

Sigh...I will report back tomorrow with my CloudFlare Turnstile testing results...Just in case anybody is following along now or in the future.

Thanks!

 

Link to comment
Share on other sites

4 hours ago, Easy Green Hosting said:

I tried custom field too with no results. hcaptcha is the only (easy and free) way I solved. recaptcha v3 might also be a good option, but I can't use it as it block some inbound links to domain registration page.

If you try hcaptcha let us know if it solved.

Probably email account activation before purchase submission would also be a good option, but it's not there yet...
https://requests.whmcs.com/idea/force-email-verification-before-account-provisioning

I am stubborn and am still using my owned license. So, I don't have the hCaptcha option in my General Settings yet. Although I will have to upgrade soon, one way or another. I will keep you posted. Thanks for the reply!

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...

Important Information

By using this site, you agree to our Terms of Use & Guidelines and understand your posts will initially be pre-moderated