Spammers (1 Viewing)

I have a pretty generic contact page lander set up for some of my domains. Lately it's been getting upwards of 20,000 daily form submissions that fail the hidden recaptcha protection. On one hand, the recaptcha works pretty good. On the other hand, it pisses me off as a waste of resources by scum of the earth trolls. I periodically review my logs of failed attempts, sort & count the IP addresses, then permanently block the prolific offender IPs.

I just blocked a handful of IP's which accounted for the majority of those failed submissions.

Russian IP addresses, all of them. Putin's scammer army hard at work.

If you know how, block the following:

46.161.11.0/24
37.139.53.81
37.139.53.86

If you use iptables:

/usr/sbin/iptables -I INPUT -s 46.161.11.0/24 -j DROP
/usr/sbin/iptables -I INPUT -s 37.139.53.81 -j DROP
/usr/sbin/iptables -I INPUT -s 37.139.53.86 -j DROP

You should see how much spam I get from the dn.ca contact form.

The CONTACT US link at the bottom right of every page.
It is meant for people without accounts or members that cannot log in.

The google recaptcha I have is now almost useless.

Strange. I don’t have any spam issues on my contact page. Unless you count the ridiculous inquiries as spam…

theinvestor said:

Strange. I don’t have any spam issues on my contact page. Unless you count the ridiculous inquiries as spam…

Click to expand...

I think you use wix right?

They have spam protection built in, by comparison rob uses some fairly basic code.

Yes it’s wix and never had any issues.

theinvestor said:

Yes it’s wix and never had any issues.

Click to expand...

Same here, my contact form has never had a single spam because it requires so much information to submit.

Every field is mandatory to be filled out or it will not submit.

I think you're missing the point. Your server is getting hit by them, whether you realize it or not. You're not getting the emails, and neither am I.

I'm logging the failed submissions on my server (as well as separately logging the good submissions). I'm specifically referring to the many attempted submissions that don't pass recaptcha or fill out all the fields. I log all the attempts just so I can know what is going on, see what b.s. they're attempting. I check it occasionally for fun, then truncate the log. It's also useful for debugging if I make form changes or whatever. I was having some email delivery problems not too long ago and it was nice being able to manually review the logs and recover the messages that weren't sent out.

Even the majority of submissions that do pass the recaptcha, they don't fill out all the required fields, and thus again, don't get submitted & emailed to me, but I still log them. Quite often they make one attempted post, but don't realize that the form was rejected due to missing fields, so they never re-submit.

So yes, much like @MapleDots says, even if they get past recaptcha, most of the spam form submissions don't get through because they don't fill out all the required fields. With only 5 required fields, they can't even get that right. Having multiple required fields makes a huge difference.

I'd say that recaptcha probably blocks 99.9% of spam form submissions. The required fields block probably 90% of those that get past the recaptcha.

Major hosted solutions like Wix or whatever might have dedicated firewalls at the network level utilizing honeypots to automatically drop packets from known spammer IP addresses.