Contact us Form appears to be hacked (sending Spam)

Permalink
Hi guys,

in the last week we have been receiving loads of spurious spam from Viagra etc via the Contact us form on our website.

I have the Captcha Active (defaulted to by image) but the spam is definitely coming in each day and I am having to delete it.

Can anyone suggest what I can do?

Fanflame
View Replies:
hutman replied on at Permalink Reply
hutman
Have you tried switching to a different captcha? If you're using v8 there is a reCaptcha plugin.
Fanflame replied on at Permalink Reply
Fanflame
Hi Thanks for the reply Hutman.
I am using version 5.7.5.8. to be honest I haven't upgraded it to the latest version of version 5 as I didn't want the site to go wobbly.

Is there any other captcha's or security I can add? Some of the spam is getting quite rude now!

Thanks
hutman replied on at Permalink Reply
hutman
This add-on shows it's for 5.7.0.4+

http://www.concrete5.org/marketplace/addons/recaptcha...
Fanflame replied on at Permalink Reply
Fanflame
Thank you I will give it a go....
Enjoy the weekend!
Gondwana replied on at Permalink Reply
Gondwana
Here's another simplistic approach:
https://www.concrete5.org/marketplace/addons/contact-form-no-links1...

Disclosure: it's mine!
Fanflame replied on at Permalink Reply
Fanflame
Thanks for the link.

I have added the Google One as previously suggested and will see if that makes any difference. If not I may try your Gondwana.

Thanks you for taking the time to write.

Enjoy your weekend!

Fanflame
StevieB replied on at Permalink Reply
Just found this as two of my sites are having this issue in a bad way! I think the C5 team need to think about sorting this out.
A3020 replied on at Permalink Reply
A3020
I wrote a blog post about how to fight spam in concrete5. It might interest some of you https://a3020.com/blog/how-to-fight-spam-in-concrete5...
StevieB replied on at Permalink Reply
Thanks for that, a very interesting read, although some of it beyond my ability at present. It is an interesting thought that a honey pot or timer system could easily be built in to the C5 form by the dev team and be available as an extra spam option, turned on with a simple checkbox. Or am I wrong?