Robot sends Spam Mail via contact page
Autor: Rainer Rawer
Visited 1924,
Followers 1,
Udostępniony 0
Sicne a fiew days a chinese bot tries to use my webpage conact form generated by x5 pro to send spam mails.
I activated captcha to stop this but this did not help. Obviously the bot sends on the php scrip level x5 is using. As soon as I delete the file "imemail/imEmailForm.php" the spam stops.
What can I do to bring my conatct form online again without allowing to spread ?!?
Posted on the
Hi Rainer
Unfortunately when this type of automated bot learns about specific locations of your scripts, it might get difficult to keep them out properly.
You could try asking your hosting if there's any kind of regional filter they can turn on, which can mitigate the problem.
Additionally, try inserting a Question Check in your form if you didn't do so already, along with the Captcha.
Perhaps this might help you out
Test it and let me know the result if you can
Thank you
Stefano
GOOGLE TRANSLATE ---
Hallo Rainer
Wenn diese Art von automatisiertem Bot bestimmte Standorte Ihrer Skripte erfährt, kann es leider schwierig werden, sie richtig herauszuhalten.
Sie könnten versuchen, Ihr Hosting zu fragen, ob es einen regionalen Filter gibt, der aktiviert werden kann, wodurch das Problem verringert werden kann.
Versuchen Sie außerdem, einen Frage-Check in Ihr Formular einzufügen, falls Sie dies nicht bereits getan haben, zusammen mit dem Captcha.
Vielleicht hilft dir das vielleicht weiter
Testen Sie es und lassen Sie mich das Ergebnis wissen, wenn Sie können
Vielen Dank
Stefano
@Stefano G.
That is now a common problem with PHP in 2018 and no solution in sight.
PHP exploit flaw puts WordPress and other CMS sites at risk of remote code execution
It helps a bit to disable the automated Metatag "Generator" so they can`t easily detect which CMS the website is using.
Afterwards you have to analyse the logfiles to find the IP address of the spammers and exclude them via .htaccess file.
<Limit PUT POST>
Order Allow,Deny
Allow from all
Deny from 138.201.26.62
Deny from 138.201.28.198
</Limit>
By the way, it would be a nice feature for the X5 Manager, if it could trigger an alarm in case additional files, with time stamps newer than the latest X5 upload exists in the root directory of the web server on a daily base.