Tagged: admin-ajax-php
-
AuthorPosts
-
April 26, 2017 at 8:55 pm #783687
I started getting these spam messages in my email and I’ve no idea where they’re coming from because the only Enfold form I have on my site doesn’t have this subject line, nor does it use the email address these emails are coming to.
Here’s one of those emails:
New Message (sent by contact form at Enfold App)
(Email address hidden if logged out) < (Email address hidden if logged out) >
1:43 PM (10 minutes ago)to me
Name: 5900ea3ecbcb7
E-Mail: (Email address hidden if logged out)Any idea what that might be about?
April 26, 2017 at 9:52 pm #783701Hi yifatcohen!
We can not be sure, try enable catchap which will help you to block those emails.
Although, if they have targeted you and want to do bad – they will do.Cheers!
BasilisMarch 3, 2019 at 12:32 pm #1073932Same here.
I’m having same message type “New Message (sent by contact form Domain). I have in the only form operative the captcha module up, also have more fields than spam incoming mail have, and it’s in Spanish. Spam mail is this (one of them):Asunto: New Message (sent by contact form at Domain)
Fecha: 2019-03-03 11:15
De: ” (Email address hidden if logged out) ” < (Email address hidden if logged out) >
Destinatario: (Email address hidden if logged out)Name: EduardojeornJL
Email: (Email address hidden if logged out)
Telephone number: 86635287423
Subject: Win an iPhone XMessage: How To Remove “Win iPhone X” Pop-ups:
h_t_t_p_s://lil.ink/investcrypto27221I’m gonna double check the site to look form hidden/forgotten forms.
- This reply was modified 5 years, 9 months ago by backfolder.
March 4, 2019 at 7:45 am #1074208Hi backfolder,
This is fixed in the latest version of the theme, could you try updating to that please? https://kriesi.at/documentation/enfold/how-to-install-enfold-theme/#theme-update
Best regards,
RikardMarch 4, 2019 at 12:23 pm #1074322Hi Rikard.
I’m gonna update right now. Thanks so much!March 5, 2019 at 9:13 am #1074727March 6, 2019 at 5:15 pm #1075550Latest version installed, getting hammered with SPAM. Identical to user “backfolder” issues
March 6, 2019 at 7:48 pm #1075598Same here!
March 7, 2019 at 10:47 am #1075901Hi pikes4ever and yifatcohen,
Please include admin login details in private so that we can have a closer look at your site.
Best regards,
Rikard- This reply was modified 5 years, 9 months ago by Rikard.
March 7, 2019 at 6:15 pm #1076073Attached requested info
March 10, 2019 at 11:30 am #1076973Hi all.
Still having spam issues. I’m gonna reset all password (DB, WP, FTP) and check for file permissions.
Regards.March 11, 2019 at 2:22 pm #1077345I am having the same problem. The form is deactivated on all pages, but I am still getting these spam emails.
Could it be that spammers found a loophole?March 12, 2019 at 7:04 pm #1077914Hi,
Or it can be that you have somewhere your email and they are copying the subject etc, so they can use it and they by-pass your spam filter and land your email. :)
Best regards,
BasilisMarch 12, 2019 at 7:24 pm #1077921For me, by now and until clarify what’s happing, I’ve change all password, disable (rename php file) form module, installed Contact Form 7, verify that file permissions at folders are correct, and update PHP to 7.3.
EDIT: Well I think it’s ‘manual spam’, some guy is filling the forms and sending it. The only thing to fight them is check their IP and blocking using any security plugin or using .htaccess.
Regards.
- This reply was modified 5 years, 9 months ago by backfolder.
March 14, 2019 at 7:14 am #1078541Hi backfolder,
Thanks for the update, I hope you find a way to block the spam you are getting.
Best regards,
RikardMarch 14, 2019 at 2:04 pm #1078696Backfolder’s issue is NOT the same as mine. I have verified that the email is coming from my WordPress server so it HAS to be an issue within WordPress. I have renamed/disabled the following folder within Enfold “/public_html/wp-content/themes/enfold/config-templatebuilder/avia-shortcodes/contact” and so far it appears to have stopped the spam issues. I will update you once I have more info. You can check to see where the email came from by copying and pasting the email headers into “https://mxtoolbox.com/EmailHeaders.aspx”. If the originating IP address is the same or similar to your website IP address, then most likely it IS being sent from the web-page. If it is not similar or is located in a foreign country or whatnot, you can be 99% sure that is is manual spam.
PS. We use “Contact Form 7” so we do not need the internal contact form creator.
March 14, 2019 at 2:33 pm #1078705@pikes4ever,
Thanks for sharing info about your problem, could help others. I’ve suffered ‘manual spam’ using both forms, Enfold and CF7. After adding two security questions to CF7 (quiz) and adding 3 IP’s to Wordfence WAF, spam has stopped. Finally I’m starting testing reCAPTCHA module build into Enfold in one site to see how is going.
Regards.March 15, 2019 at 2:17 pm #1079135Hi,
Thanks for sharing your information for other users.
Enjoy the theme.Best regards,
GünterMarch 18, 2019 at 3:04 pm #1079910Just confirming that after 4 days with the renaming/disabling the following folder within Enfold “/public_html/wp-content/themes/enfold/config-templatebuilder/avia-shortcodes/contact” has 100% fixed our issue and could fix others issues that are having this same issues as long as you are not using the built in form provided by Enfold. Like I said, we are using contact form 7 so just be aware. Have a great day everyone!
May 18, 2019 at 1:27 pm #1102040Hi all!
News about spam problem. Thanks to CleanTalk plugin, which block spam attacks in a very effective way, I have (a part of) next log that want to share with you:
– – – – – – – – – – – – – – – – – – – – – – – – – – – – – –
Contact form – data denied
(Email address hidden if logged out) Spain 83.38.36.10
Page URL : //mydomain.eu/wp-admin/admin-ajax.php
Source : https://mydomain.eu/wp-admin/options-general.php?page=cleantalk
Details | Not spam | Delete | To Personal black & white lists
Spam attacks: 75
IP: 0
E-mail: 75
– – – – – – – – – – – – – – – – – – – – – – – – – – – – – –
So it is a problem related to WordPress IMMO. Permissions of that File and Directory are OK (I think)
Anyway, and apart of CleanTalk, is there anyway to block that vector?
TIA.Update: In addition to CleanTalk, another plugin that should stop this kind of attacks is BBQ – Block Bad Queries.
- This reply was modified 5 years, 7 months ago by backfolder.
May 21, 2019 at 11:48 am #1102813Hi,
Thanks for the update.
Have you tried the reCAPTCHA option for the contact form element? That should block the spams, unless they have found a way to work around that security. A few users reported that the spam emails stopped when they activated that option.
// https://kriesi.at/support/topic/contact-form-changes-after-enfold-update/#post-1094615
// https://kriesi.at/support/topic/contact-form-sending-me-spam-messages/#post-1081352Best regards,
Ismael -
AuthorPosts
- You must be logged in to reply to this topic.