You can edit CustomerController Register() Method in nop.web project to implement honeypot.
And publish nop.web dll.
Urgent !!! Regarding fake customers registration
MVP
认证开发者
- 2139
- 22181
- 2009/7/23
- India
@nopCommerce team
Can you look into this, as it seems that there are many customers facing the same issue with fake customers registration even after captcha enabled.
May be you can integrate this as a feature in next release. Fixing this will surely help.
We will be happy to hear more from you on this.
Can you look into this, as it seems that there are many customers facing the same issue with fake customers registration even after captcha enabled.
May be you can integrate this as a feature in next release. Fixing this will surely help.
We will be happy to hear more from you on this.
- 481
- 2782
- 2010/7/24
- India
krutal wrote:
Is this new hidden filed "required", I guess its not, that's the reason I am still getting fake registration?
Also when I see the page source I see this code, where there is some value by default, could this be the cause?
<form action="/register" method="post"><input id="Landmark" name="Landmark" style="display: none" type="text" value="" /><input name="__RequestVerificationToken" type="hidden" value="OTERPeMdZ1cvRc4OUJnp81CT6o2hKXv8gEo3sOk3h3i-UVc5Xsyn2qhn32Q5OOfzM88uOM2kxkbfQ89JvQtBWxZo9zUStqIpH2zR_mfWRJ01" />
You can edit CustomerController Register() Method in nop.web project to implement honeypot.
And publish nop.web dll.
And publish nop.web dll.
Is this new hidden filed "required", I guess its not, that's the reason I am still getting fake registration?
Also when I see the page source I see this code, where there is some value by default, could this be the cause?
<form action="/register" method="post"><input id="Landmark" name="Landmark" style="display: none" type="text" value="" /><input name="__RequestVerificationToken" type="hidden" value="OTERPeMdZ1cvRc4OUJnp81CT6o2hKXv8gEo3sOk3h3i-UVc5Xsyn2qhn32Q5OOfzM88uOM2kxkbfQ89JvQtBWxZo9zUStqIpH2zR_mfWRJ01" />
- 481
- 2782
- 2010/7/24
- India
kakoli wrote:
Do we have any solution :(
email validation, admin approval, recaptcha, honypot all have failed, i am receiving some 200 fake registration everyday again and numbers growing ,.. somebody please help..
You can edit CustomerController Register() Method in nop.web project to implement honeypot.
And publish nop.web dll.
Is this new hidden filed "required", I guess its not, that's the reason I am still getting fake registration?
Also when I see the page source I see this code, where there is some value by default, could this be the cause?
<form action="/register" method="post"><input id="Landmark" name="Landmark" style="display: none" type="text" value="" /><input name="__RequestVerificationToken" type="hidden" value="OTERPeMdZ1cvRc4OUJnp81CT6o2hKXv8gEo3sOk3h3i-UVc5Xsyn2qhn32Q5OOfzM88uOM2kxkbfQ89JvQtBWxZo9zUStqIpH2zR_mfWRJ01" />
And publish nop.web dll.
Is this new hidden filed "required", I guess its not, that's the reason I am still getting fake registration?
Also when I see the page source I see this code, where there is some value by default, could this be the cause?
<form action="/register" method="post"><input id="Landmark" name="Landmark" style="display: none" type="text" value="" /><input name="__RequestVerificationToken" type="hidden" value="OTERPeMdZ1cvRc4OUJnp81CT6o2hKXv8gEo3sOk3h3i-UVc5Xsyn2qhn32Q5OOfzM88uOM2kxkbfQ89JvQtBWxZo9zUStqIpH2zR_mfWRJ01" />
Do we have any solution :(
email validation, admin approval, recaptcha, honypot all have failed, i am receiving some 200 fake registration everyday again and numbers growing ,.. somebody please help..
- 80
- 894
- 2012/10/12
- United States
There could be something wrong with our recaptcha form processor that isn't requiring subsequent validations which allows spammers to submit 1 correct captcha and then re-submit 100's of new entries and get through. I found this on the google recaptcha forum to suggest a fix...
https://groups.google.com/forum/?fromgroups#!topic/recaptcha/XNypY2eOHmM
FROM A RECAPTCHA FORUM USER:
"A reCAPTCHA challenge can only be validated once, on subsequent validations it
will return false. Of course, this only works if the form processor
requests validation on each submission, not just once. Your issue may
not be with reCAPTCHA but with your form processor."
https://groups.google.com/forum/?fromgroups#!topic/recaptcha/XNypY2eOHmM
FROM A RECAPTCHA FORUM USER:
"A reCAPTCHA challenge can only be validated once, on subsequent validations it
will return false. Of course, this only works if the form processor
requests validation on each submission, not just once. Your issue may
not be with reCAPTCHA but with your form processor."