Urgent !!! Regarding fake customers registration

I have customized NopCommerce site on 2.6 v. I found that someone is spamming bots on my site. They are registering fake customers with company name with "google". First name and last name is meaningless. I had deleted all those earlier but some how they had registered again.

Even I had set recaptcha on register page. My customer register method is "Email Validation". I don't know why this is happening? Lots of fake customers had been registered as company name google.

How can I stop this?

Please advice.
Thanks in advance.

even for my site 4 new ids added with google. 1 ip from korea and 3 from usa texas

http://www.elaamart.com

elaa1979 wrote:

How can I see google ids by link http://www.elaamart.com?

Do you have any solution for this? I got up to 100s of fake ids from google.
Advice.

I use the "honeypot" technique and found it to be pretty effective.

Add a string property to your login model and a hidden input field in your view.

Then in your controller validate it with something like this:

if(!String.IsNullOrEmpty(model.Honeypot)
{
   ModelState.AddModelError("HoneyPot", "You are a robot spammer.  Get Lost.");
   return View(model);
}

I also use recaptcha after 5 bad login or registration events.


t

hi this link will helps you avoid fake registration.

http://www.elaamart.com/boards/topic/15/how-to-avoid-fake-customer-registration-on-a-website

I Have the same problem ...
1 every 1-2 minutes

Dal Negozio Online Bettinelli Luciano S.r.l.
Un nuovo cliente si è registrato sul negozio online
Nome e cognome: catynopkmex catynopkmex
Email: [email protected]

Un nuovo cliente si è registrato sul negozio online
Nome e cognome: ojhnaisj vvxrazleHD
Email: [email protected]

Un nuovo cliente si è registrato sul negozio online
Nome e cognome: wkowsvea numslvxeHD
Email: [email protected]

Un nuovo cliente si è registrato sul negozio online
Nome e cognome: catyhopfrex catyhopfrex
Email: [email protected]

and more more more more ...
I'm not a programmer... can you help me ?

Hey guys, good info - but i need to know how to do the captcha to nopCommerce 2.2 not 2.6.

and where does the code go? what's the path of the file? where've they hidden it?!

i look forward to hearing some insight from you guys. i actually have another question....

I was lookin' into the db and i have 4300 lines....
but i only have 245 registered users.....
the rest of the lines look like this......

380  906091cd-2133-4993-b2e2-229d455c4f42  NULL  NULL  NULL  0  NULL  NULL  NNULL  NULL  True  False  False  NULL  168.75.239.19

no id, no email, no pwd.... where are these comin' from?

btw - of the 245 reg users, only maybe 100 are valid users...... i have to stop this! look forward to hearing from you guys. thank you in advance!

hemjesti wrote:
https://www.nopcommerce.com/boards/t/15564/customerid-jumps-from-1-to-591-for-only-8-registred-users.aspx

I have the very same problem.

Fake customer registrations on 2.6 using the company name google and the same password of as I recall 123456.  The IP addresses are coming from all over the world. I have blocked at least 20 IP's at the perimeter and they just keep coming! I have not checked to see what the user agent appears as yet.

Anyone have any luck combating this or better yet finding anything out about the source behind it?

I've had to enable Captcha on some of my client's sites:

Admin > Configuration > Settings > General ... > Security tab  >> CAPTCHA enabled: