how to ban prestashop spam contact message

how to ban prestashop spam contact message

how to ban prestashop spam contact message

 
sorry for poor English , if you need help,please leave comments below this article or contact support@vicOffers.com , i am pleasure to help,
 

if you get mass span message from contact form

obviously,This is an spam attack against prestashop, the spammer will get the contact controller url easily whatever you change it to, 

Adding Captcha to the contact page maybe work (i didn't try it)

then, it will work to ban these ip address,  i believe they don't control too many ip address, it's possible to add them to blacklist manually,

at least i didn't get the spam for 2 days.

for prestashop 1.6.x

1.first get the spammer ip address 

modify

/controllers/front/ContactController.php

about line 159 add

‘{cusomter_ipaddress}’ => Tools::getRemoteAddr(),

looks like

if (!count($this->errors)) {
$var_list = array(
‘{order_name}’ => ‘-‘,
‘{attached_file}’ => ‘-‘,
‘{message}’ => Tools::nl2br(stripslashes($message)),
‘{email}’ => $from,
‘{product_name}’ => ”,
‘{cusomter_ipaddress}’ => Tools::getRemoteAddr(),
);

change the email template file

/themes/themexxx/mails/en/contact.html   (if there is no custom email template file,then get it from /mails/en/contact.html)

themexxx is the theme applied currently,

en is the the language,

you can add the code after

Attached file: {attached_file}

add  (it should be html code here)

<p><span>Ip Address:</span>{cusomter_ipaddress}</p>
 then you can get the ip address of the spammer  in the system inform email , 

 (you can change the label to  "ipset add blacklist ", you can copy the full line of command such as  "ipset add blacklist 46.148.112.152 ")

for prestashop 1.7.x 

the controller is

modules/contactform/contactform.php

and the template file is the same to ps 1.6.x

/themes/themexxx/mails/en/contact.html   (if there is no custom email template file under your theme,then get it from /mails/en/contact.html)

2. using iptables tools to ban this ip address if you are using a linux server,

centos example,

i have installed iptables if you don't know how to use it,search in google ,

here you need a tool called ipset to ban multi ip add set,

 [root@mail ~]# yum install ipset
[root@mail ~]# ipset create blacklist hash:ip hashsize 4096
[root@mail ~]# iptables -I INPUT -m set –match-set blacklist src -j DROP
[root@mail ~]# iptables -I FORWARD -m set –match-set blacklist src -j DROP [root@mail ~]#service iptables save [root@mail ~]#service iptables restart [root@mail ~]# ipset add blacklist 46.148.112.152

if you have a new spammer  ip address

use

ipset add blacklist  ip   to the blacklist

these useful command

save the ip set to blacklist.txt

ipset save blacklist -f blacklist.txt


restore the ip set

ipset restore -f blacklist.txt


i have shared my blacklist

https://www.prestashop.com/forums/applications/core/interface/file/attachment.php?id=180579

prestashop QQ zone  : 655259626

Share This Post :

1 Comments

  •  stephen
    stephen  Mar 1, 2018
    it seems to be working now, i didn't get these spams for 2 days after adding about 200 ip address,

Leave a Reply

Scroll