April 26, 2017 at 8:55 pm #783687
I started getting these spam messages in my email and I’ve no idea where they’re coming from because the only Enfold form I have on my site doesn’t have this subject line, nor does it use the email address these emails are coming to.
Here’s one of those emails:
New Message (sent by contact form at Enfold App)
E-Mail: (Email address hidden if logged out)
Any idea what that might be about?April 26, 2017 at 9:52 pm #783701
We can not be sure, try enable catchap which will help you to block those emails.
Although, if they have targeted you and want to do bad – they will do.
BasilisMarch 3, 2019 at 12:32 pm #1073932
I’m having same message type “New Message (sent by contact form Domain). I have in the only form operative the captcha module up, also have more fields than spam incoming mail have, and it’s in Spanish. Spam mail is this (one of them):
Asunto: New Message (sent by contact form at Domain)
Fecha: 2019-03-03 11:15
De: ” (Email address hidden if logged out) ” < (Email address hidden if logged out) >
Destinatario: (Email address hidden if logged out)
Email: (Email address hidden if logged out)
Telephone number: 86635287423
Subject: Win an iPhone X
Message: How To Remove “Win iPhone X” Pop-ups:
I’m gonna double check the site to look form hidden/forgotten forms.
March 4, 2019 at 7:45 am #1074208
- This reply was modified 2 months, 2 weeks ago by backfolder.
This is fixed in the latest version of the theme, could you try updating to that please? (Purchase code hidden if logged out) /#theme-update” rel=”noopener” target=”_blank”>https://kriesi.at/documentation/enfold/ (Purchase code hidden if logged out) /#theme-update
RikardMarch 4, 2019 at 12:23 pm #1074322March 5, 2019 at 9:13 am #1074727March 6, 2019 at 5:15 pm #1075550
Latest version installed, getting hammered with SPAM. Identical to user “backfolder” issuesMarch 6, 2019 at 7:48 pm #1075598March 7, 2019 at 10:47 am #1075901
Hi pikes4ever and yifatcohen,
Please include admin login details in private so that we can have a closer look at your site.
March 7, 2019 at 6:15 pm #1076073March 10, 2019 at 11:30 am #1076973
- This reply was modified 2 months, 1 week ago by Rikard.
Still having spam issues. I’m gonna reset all password (DB, WP, FTP) and check for file permissions.
Regards.March 11, 2019 at 2:22 pm #1077345
I am having the same problem. The form is deactivated on all pages, but I am still getting these spam emails.
Could it be that spammers found a loophole?March 12, 2019 at 7:04 pm #1077914
Or it can be that you have somewhere your email and they are copying the subject etc, so they can use it and they by-pass your spam filter and land your email. :)
BasilisMarch 12, 2019 at 7:24 pm #1077921
For me, by now and until clarify what’s happing, I’ve change all password, disable (rename php file) form module, installed Contact Form 7, verify that file permissions at folders are correct, and update PHP to 7.3.
EDIT: Well I think it’s ‘manual spam’, some guy is filling the forms and sending it. The only thing to fight them is check their IP and blocking using any security plugin or using .htaccess.
March 14, 2019 at 7:14 am #1078541
- This reply was modified 2 months, 1 week ago by backfolder.
Thanks for the update, I hope you find a way to block the spam you are getting.
RikardMarch 14, 2019 at 2:04 pm #1078696
Backfolder’s issue is NOT the same as mine. I have verified that the email is coming from my WordPress server so it HAS to be an issue within WordPress. I have renamed/disabled the following folder within Enfold “/public_html/wp-content/themes/enfold/config-templatebuilder/avia-shortcodes/contact” and so far it appears to have stopped the spam issues. I will update you once I have more info. You can check to see where the email came from by copying and pasting the email headers into “https://mxtoolbox.com/EmailHeaders.aspx”. If the originating IP address is the same or similar to your website IP address, then most likely it IS being sent from the web-page. If it is not similar or is located in a foreign country or whatnot, you can be 99% sure that is is manual spam.
PS. We use “Contact Form 7” so we do not need the internal contact form creator.March 14, 2019 at 2:33 pm #1078705
Thanks for sharing info about your problem, could help others. I’ve suffered ‘manual spam’ using both forms, Enfold and CF7. After adding two security questions to CF7 (quiz) and adding 3 IP’s to Wordfence WAF, spam has stopped. Finally I’m starting testing reCAPTCHA module build into Enfold in one site to see how is going.
Regards.March 15, 2019 at 2:17 pm #1079135
Thanks for sharing your information for other users.
Enjoy the theme.
GünterMarch 18, 2019 at 3:04 pm #1079910
Just confirming that after 4 days with the renaming/disabling the following folder within Enfold “/public_html/wp-content/themes/enfold/config-templatebuilder/avia-shortcodes/contact” has 100% fixed our issue and could fix others issues that are having this same issues as long as you are not using the built in form provided by Enfold. Like I said, we are using contact form 7 so just be aware. Have a great day everyone!May 18, 2019 at 1:27 pm #1102040
News about spam problem. Thanks to CleanTalk plugin, which block spam attacks in a very effective way, I have (a part of) next log that want to share with you:
– – – – – – – – – – – – – – – – – – – – – – – – – – – – – –
Contact form – data denied
(Email address hidden if logged out) Spain 18.104.22.168
Page URL : //mydomain.eu/wp-admin/admin-ajax.php
Source : https://mydomain.eu/wp-admin/options-general.php?page=cleantalk
Details | Not spam | Delete | To Personal black & white lists
Spam attacks: 75
– – – – – – – – – – – – – – – – – – – – – – – – – – – – – –
So it is a problem related to WordPress IMMO. Permissions of that File and Directory are OK (I think)
Anyway, and apart of CleanTalk, is there anyway to block that vector?
- This reply was modified 1 day, 10 hours ago by backfolder.
You must be logged in to reply to this topic.