Anti-Spammer Master

Advanced Search

Spam not detected

Permalink Browser Info Environment
We added Anti Spam Master to this site a week or two ago and we've had a lot of obvious spam make it through the spam traps in the last few days.

e.g. There has been a submission of the form Compensation Calculator through your concrete5 website.

Name:
MyPKdurbRgi

Email:
aureak3imette@yahoo.com

Phone:
szVLORJkCorpDfy

Brief details of your claim?:
cDjmihWFPvSpnQk


To view all of this form's submissions, visithttps://www.sds-solicitors.com/index.php/dashboard/reports/forms/vie...

Ar you able to take a look and see what this issue is? I'll p.m. access details.
Type: Pre-Sale
Status: Resolved
katalysis
View Replies:
mnakalay replied on at Permalink Reply
mnakalay
Hello. I'm having a look
mnakalay replied on at Permalink Reply
mnakalay
Some settings should definitely be enabled and one error fixed.

First, you should enable the settings to limit the number of messages per IP address per length of time. That spammer has sent about 2 messages per minute. I see no reason why you wouldn't limit it to 1 message every 3 or 5 minutes.

Second, you should enable the settings that check the length and the minimum number of words for messages. It checks only text areas. That spammer has sent messages with one-word messages every time. You should enable that setting. The default values of 20 characters and 5 words minimum are usually good in most situations.

Finally, you did enable the honeypot and the minimum time to submission but you didn't follow the tutorial to actually install them for your form. The tutorial is here:https://marketplace.concretecms.com/marketplace/addons/anti-spammer-...

You have the choice between either adding 3 lines of code to your form or using my Hidden Attribute package to enable those 2 options. It's all explained in the tutorial.

Let me know if anything is not clear.
katalysis replied on at Permalink Reply
katalysis
I've updated the settings and we seemed to have not deployed the form update - let’s we how we get on now.

Thank you for your help.
mnakalay replied on at Permalink Reply
mnakalay
I tried sending again one of those spammy messages you already received and it got blocked right away.

Let me know if you have any other issues.

concrete5 Environment Information

# concrete5 Version
Core Version - 8.5.5
Version Installed - 8.5.5
Database Version - 20201116182100

# Database Information
Version: 10.2.36-MariaDB
SQL Mode: NO_AUTO_CREATE_USER,NO_ENGINE_SUBSTITUTION

# concrete5 Packages
Afixia: SEO Redirects (1.1.2), Anti-Spammer Master (1.0.4), Image Optimizer (3.2.9), Katalysis Base (0.0.6.9.2), Katalysis SDS Theme (0.0.5.6)

# concrete5 Overrides
blocks/core_area_layout/templates/example_layout_template.php, blocks/core_area_layout/templates, blocks/core_area_layout/form.php, blocks/core_area_layout, blocks/page_list/controller.php, blocks/page_list, elements/block_area_footer.php

# concrete5 Cache Settings
Block Cache - On
Overrides Cache - On
Full Page Caching - On - If blocks on the particular page allow it.
Full Page Cache Lifetime - Every 6 hours (default setting).

# Server Software
Apache

# Server API
cgi-fcgi

# PHP Version
7.2.34

# PHP Extensions
bcmath, bz2, calendar, cgi-fcgi, Core, ctype, curl, date, dba, dom, enchant, exif, fileinfo, filter, ftp, gd, gettext, gmp, hash, iconv, imagick, imap, intl, ionCube Loader, json, ldap, libxml, mbstring, mysqli, mysqlnd, odbc, openssl, pcntl, pcre, PDO, pdo_mysql, PDO_ODBC, pdo_pgsql, pdo_sqlite, pgsql, Phar, posix, pspell, readline, redis, Reflection, session, SimpleXML, soap, sockets, sodium, SPL, sqlite3, standard, sysvmsg, sysvsem, sysvshm, tidy, tokenizer, xml, xmlreader, xmlrpc, xmlwriter, xsl, Zend OPcache, zip, zlib

# PHP Settings
max_execution_time - 600
log_errors_max_len - 1024
max_file_uploads - 20
max_input_nesting_level - 64
max_input_time - 600
max_input_vars - 1000
memory_limit - 128M
post_max_size - 128M
upload_max_filesize - 128M
ic24.api.max_timeout - 7
ldap.max_links - Unlimited
mysqli.max_links - Unlimited
mysqli.max_persistent - Unlimited
odbc.max_links - Unlimited
odbc.max_persistent - Unlimited
pcre.backtrack_limit - 1000000
pcre.recursion_limit - 100000
pgsql.max_links - Unlimited
pgsql.max_persistent - Unlimited
redis.pconnect.connection_limit - 0
session.cache_limiter - <i>no value</i>
session.gc_maxlifetime - 7200
soap.wsdl_cache_limit - 5
opcache.max_accelerated_files - 10000
opcache.max_file_size - 0
opcache.max_wasted_percentage - 5

Browser User-Agent String

Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Hide Post Content

This will replace the post content with the message: "Content has been removed by an Administrator"

Hide Content

Request Refund

You may not request a refund that is not currently owned by you.