Looks like more effort though and touching web.config would restart the app causing delays. It amazes me that there is actual profit to be made by the activities of these spammers.
Mikrotik takes moments to update albeit I'd prefer to spend no time on this. Email verification is now in place and none of these robots have completed a registration. Still I continue to block the malicious hosts. Who knows what attacks will come next...
The blacklist is not so much a solution but informational.
It also helps to show the scope of what many of us seem to be dealing with. It is crazy. Seems there's a new host every few days.
That said I am in the same boat but have at least slowed the process. What I can say again is that since email verification has been enabled there have been no successful verifications from these spammers or posts.
That said I am in the same boat but have at least slowed the process. What I can say again is that since email verification has been enabled there have been no successful verifications from these spammers or posts.
would you mind clarifying this? you're saying turning on the verification didn't let people register? or that spammers can't?
I went to Configuration > Settings > Customer Settings and changed Registration Method (drop down list) to Email Validation. I also check the box "Notify about new customer registration".
The registrations still occur but since enabling this no accounts have been successfully verified by these people.
As a matter of process I review the attempted registrations and look for the usual patterns (e.g. Google, pwd 123456, etc) and then check for registration status and any activity. The IP address is then compared against my list before deleting the incomplete registration.
Did you tried honeypot technique suggested by joebloe.? We've implemented same and it fixes fake customers registration. Let me know if you want more information on how to implement the same.
As a matter of process I review the attempted registrations and look for the usual patterns (e.g. Google, pwd 123456, etc) and then check for registration status and any activity. The IP address is then compared against my list before deleting the incomplete registration.
I hope this helps!
so, in this post is there a valid representation of the code that needs to go into the web.config to block ip's? bc i saw one that said, "it won't allow anyone to view or register that isn't from the following ip addresses"
we're getting like 50 a day. and it's just drivin' us crazy. i'm willing to try any and everything.
This topic was automatically closed 365 days after the last reply. New replies are no longer allowed.