Viewing 27 posts - 1 through 27 (of 27 total)
  • Author
    Posts
  • #1140439

    I would like to restrict .ru email submissions from getting passed through my contact form

    For example regex can be customized for phone number length, can you provide an example to restrict any .ru email submissions?

    #1140445
    #1140486

    Thank you!

    I have implemented this and I hope it works.

    These .ru emails are getting out of hand lately

    #1140727

    Hi MrPoBoi,

    Glad you got it working for you! :)

    If you need further assistance please let us know.

    Best regards,
    Victoria

    #1140741

    It actually is not working 100%

    I feel as if something is slightly working because I am only getting 5 emails a day from .ru … instead of 50 to 100+

    I have google resources recaptcha v3 installed, all in one bad bot activated and now this code… but I still get my contact form spammed :/

    #1140763

    Hi MrPoBoi,

    You might consider some other plugins that help to filter spam.

    Best regards,
    Victoria

    #1140768

    please do not respond to any more of my posts in the future, I have no idea how you have lasted as a moderator on this forum for so long

    #1141087

    here everyone is trying to help – so please follow the forms of politeness – there is such a thing as nettiquette.

    #1141090

    I agree, which is why I was being polite

    She always comes to my posts and just builds up her post count.

    She has never offered anything of value to any of my posts here, so I politely asked her to stop responding to my posts.

    #1141152

    I now have over 5400 contributions here – of which just under 70 are requests for help on my part. So far I have found each of the mods here competent. But you can also find a lot of help here on board by using the board search. Each of the mods here has his special fields.
    Impatience has always been a wrong friend. Some people think he has special privileges and must get an answer before others. This is naturally not possible in such a large support forum.

    #1141656

    Hi,

    You can use this hook to stop the mail from being sent when the email address contains “.ru” string in it.

    function ava_53612_rumailer( $phpmailer ) {
    	$ru = strpos($phpmailer->From, '.ru');
    
    	if($ru)
    		$phpmailer->ClearAllRecipients();
    		wp_die('Nyet!');
    	}
    }
    add_action( 'phpmailer_init', 'ava_53612_rumailer' );code>

    What @victoria suggested above should help as well.

    Best regards,
    Ismael

    #1141659

    @ismael

    Now this looks like something that can work!!

    How would I add multiple lines to this?

    For example .at, .su, .cn

    all of these are being used to push through spam

    Thank you for stopping by and providing this code

    #1141677

    by the way it seems that the wordpress standard options on Settings – Discussion : Comment Blacklist has an effect too – even if you don’t use Comments.
    after the entry there (one country code per line) – I couldn’t send any more e-mails via my contact form (cf7 by the way) via .ru address

    #1148931

    Hi,
    I am getting spam mails although use a simple chaptcha AND seemingly the spammer does not even check the box for dataprotection.
    So this mails should never got sent – isnt it ?
    And they are not from .ru….

    Von: (Email address hidden if logged out) < (Email address hidden if logged out) >
    Gesendet: Montag, 12. August 2019 08:07
    An:
    …..
    ……
    Ich stimme der Datenschutzerklärung zu.: false

    So as they are putting “false” – why is it sent at all ? Do they use another (hidden) form?

    #1149219

    Hi,


    @sthubertus
    : Thank you for the inquiry. Try to install a security plugin to protect the site from bots and unwanted scripts. You can also replace the default captcha with Google reCAPTCHA to get rid of spam emails and further enhance the security of the contact forms. Please visit the documentation for more info.

    // https://kriesi.at/documentation/enfold/contact-form/#how-captcha-works

    Best regards,
    Ismael

    #1149225

    Hey Ismael!

    As much as i love this theme, the contact form SUCKS

    and your whole team should really stop pitching people bs

    Adding captcha and all of the stuff you and all of the others moderators have mentioned in regards to this topic are trash and wasted efforts

    On another subject, about an unanswered post of mine for about 3 days now…

    How do you change / erase the entire avia cookie consent cookie

    When someone accepts the notification and closes it… i want the pop-up to reload on a new session

    Aka if they leave the entire website and come back

    I already erased the entire cookie consent file found in /js/
    That did nothing

    I also changed the cookie days setting from 60 to other numbers

    Nothing…

    #1149425

    Hi,
    Thanks for the hints.
    I have already installed ” All In One WP Security” and activated to protect against spam and now also enabled some more options against bots.

    What I dont understand how ever a mail with “Ich stimme der Datenschutzerklärung zu.: false”
    can ever be sent? Seems for me that this cannot be sent by filling out the regular contact form – so there seems to exist a hack to workaround this….so guess they are also not filling captchas…

    br

    Wolfgang

    #1149438

    Correct, i was getting spammed even after having Google Captcha V3 and a WAF (firewall)

    The only way i was able to stop the spam email was to remove the contact option from that portion of the page

    #1149724

    Hi,


    @MrPoBoi
    : In your case, the next step is to use a different contact form. The spam protection can only go so far, and it’s not a surefire way to prevent all adverse activities specially if one is so inclined to get through. You can try CF7 or Ninja Forms for starters.

    Best regards,
    Ismael

    #1155206

    Finally I have now tried also reCaptcha v2: ( I did not like as I wanted to avoid have Google in…)

    And there was no Spam – but the reason why was with a big grain of salt – but could have foreseen:
    As I have not activated re-Chaptcha in the Cookie settings, and probably nobody will do if its not pre-selected (what I understand is forbidden as Mr Google probably uses tracking cookies…) the Theme does what it promised to do:
    – it blocks re-Captcha and with it the complete the Contact form ! (which is fine, otherwise Spam door is open!)
    -> so nobody can post a message without activating the cookies for recaptcha.
    And I think nobody will do as there is just a message “you deactivated…” so guess nobody will know to klick on the small lock on the rhs and click through the tabs to find the right settin…

    => I think the only possible way is here to have a possibility to activate re-captcha inside the contact form, in order that the user can proceed. But think even that is prohibitive for many users….

    What is planned here for the future, Do you think its compliant to activated re-Chaptcha per default? If so – how to do this in the cookie form?

    • This reply was modified 5 years, 1 month ago by sthubertus.
    #1155209

    And if I re-activate Enfolds Captcha – it is displayed, but still the message below that the contact form is deactivated!
    And no send-button – so really dead!

    See private link!

    #1155461

    Hi,

    Thank you for the update.

    You can actually enable the cookies or services that requires cookies without the users’ explicit consent or without them accepting the cookies first. Please go to the Enfold > Privacy & Cookies panel, look for the Default Cookie Behaviour and set it to the first option. This will enable the spam protection on page load even if the cookies have not been accepted yet.

    Best regards,
    Ismael

    #1155474

    I saw the new update had some great changes such as these made to it

    that/this is one reason why I really, really love enfold!

    there are regular updates and the upper management team really cares about their product/clients

    #1155768

    Hi Ismael,

    Thanks, yes this I know. Then it will work – but that’s not allowed acc. data protection act.
    Think for europe ony your new option, explicit consent for tracking cookies, is needed.
    And I would say re-Captcha sets tracking cookies.

    Think the only useful and (hopefully;-)) compliant way is that if re-captcha is built in but not yet accepted by the visitor, that the visitor gets a note ( this is implemented) and a possibility to accept re-captcha immediately to send the form,

    See also https://complianz.io/google-recaptcha-and-the-gdpr-a-possible-conflict/
    where also a honeypot solution is mentioned. Maybe this would this be a nice add- on to enfolds math-captcha – I would like it, as I dont want to force the users to get tracked…
    -> is this possible to test? Have seen a code here: https://gist.github.com/andrewlimaza/958826feac907114a57462bfc8d535ff – but dont know how to put into Enfold…

    The technical issue I observed ism that if I put the switch [av_privacy_google_recaptcha] in, even if in the form the re-captcha is NOT used, the form is blocked. (while the enfold math-captcha is shown but the send button is not).

    PS: I have now again removed again the re-captcha switch completely from the consent tabs and expect again some spam…

    #1156281

    Hi,

    Thank you for the update.

    but that’s not allowed acc. data protection act.

    The spam protection will not work without the required cookies, so you can either disable the spam protection and use another contact form plugin, or keep it enabled and add a notification for your users directly in the contact form element or a text block, telling them that they have to consent to the cookies first before using the contact form.

    Best regards,
    Ismael

    #1157268

    Do not know If I correctly understand:
    You need cookies for spam prevention?
    Should not be an issue, data prot. act does NOT forbid ALL cookies from the beginning, just tracking and those stuff. I guess anything that you need for this task is a pure functional cookie, so can be even inside the session, so would be fine!

    What is needed, is explicit consent for all tracking stuff. This means that all the re-Captcha from our friend Goo…, where tracking ones are there from the beginning, is in my view no longer a good option.

    My point is that in this case(e.g when you still want to use it) on the contact-form we would need a better possibility to explicit opt in, otherwise the form is useless.

    In the meantime, I changed the URL for the contact form – and it helps. At least till now it seems there is no spam anymore.
    (Nevertheless the vulnerability(bug) remains that someone can send the form without checking the checkbox!! )

    br

    #1158036

    Hi,

    Should not be an issue, data prot. act does NOT forbid ALL cookies from the beginning, just tracking and those stuff.

    Yes, cookies are required to enable the spam protection. If you want to keep the contact form from the theme and have the spam protection enabled on page load by default, you have to follow our previous suggestion above.

    // https://kriesi.at/support/topic/how-do-i-prevent-ru-from-contact-form/#post-1155461

    This will silently store the essential cookies on page load, enabling the services including the spam protection, without requiring the user to consent to the cookies first. Unfortunately, this is the only option available as of this moment.

    Best regards,
    Ismael

Viewing 27 posts - 1 through 27 (of 27 total)
  • You must be logged in to reply to this topic.