To post a new support question, click the Post New Topic button below.
Current Version: 5.2.5 | Sytist Manual | Common Issues | Feature Requests
Please log in or Create an account to post or reply to topics.
You will still receive notifications of replies to topics you are part of even if you do not subscribe to new topic emails.
Attacks From Create Account Page
B
Benoit Champagne
59 posts
Tue Dec 21, 21 7:40 PM CST
Hi,
Have anyone experienced this. My site is under attack and something is creating accounts over accounts with false email addresses. I am being swamped by bounding emails and account creation notifications.
Does anyone found a way to solidify the account creation process ? As it is now, I have renamed the store_new_account.php file so it cannot be accessed anymore. But seems some more have been able to go through. I dont know where to look further to block those. The site is unusable now and I have closed it for customers :(
Thanks for any help or information you can provide...
Benoit
Have anyone experienced this. My site is under attack and something is creating accounts over accounts with false email addresses. I am being swamped by bounding emails and account creation notifications.
Does anyone found a way to solidify the account creation process ? As it is now, I have renamed the store_new_account.php file so it cannot be accessed anymore. But seems some more have been able to go through. I dont know where to look further to block those. The site is unusable now and I have closed it for customers :(
Thanks for any help or information you can provide...
Benoit
B
Benoit Champagne
59 posts
Tue Dec 21, 21 9:07 PM CST
For the time being, I have added some validation code in "store_cart_actions.php" to check the validity of the phone number provided (which was part of the problem) and making sure the last_name do not contain invalid text, such as "http". The changes were made real fast and not in the best way, but I just hope it allows my site run again.
It might be something worth adding for future update : adding more robust checks on input fields, especially with account creation.
Any thoughts on the subject ?
It might be something worth adding for future update : adding more robust checks on input fields, especially with account creation.
Any thoughts on the subject ?
Shawn Mertz
153 posts
Tue Dec 21, 21 11:16 PM CST
recaptcha "i'm not a robot" instructions are here. it may solve your problem.
https://www.picturespro.com/sytist-manual/settings/recaptcha/
https://www.picturespro.com/sytist-manual/settings/recaptcha/
Tim - PicturesPro.com
17,026 posts
(admin)
Wed Dec 22, 21 6:29 AM CST
Yes, try recaptcha .
Tim Grissett, DIA - PicturesPro.com
My Email Address: info@picturespro.com
My Email Address: info@picturespro.com
B
Benoit Champagne
59 posts
Wed Dec 22, 21 7:09 AM CST
hi guys, and thanks.
I do use reCaptcha one my other sites. I was not aware that Sytist added its support. Good thing. However, I am still on 3.7, hence I do not have this update since it was added with 3.9.
It is not a free upgrade as I understand it, right ?
I do use reCaptcha one my other sites. I was not aware that Sytist added its support. Good thing. However, I am still on 3.7, hence I do not have this update since it was added with 3.9.
It is not a free upgrade as I understand it, right ?
Tim - PicturesPro.com
17,026 posts
(admin)
Wed Dec 22, 21 12:11 PM CST
It's a free upgrade within the first year. Then after that it is a paid upgrade for $99 which also includes a year of updates.
https://www.picturespro.com/sytist/how-to-upgrade/
https://www.picturespro.com/sytist/how-to-upgrade/
Tim Grissett, DIA - PicturesPro.com
My Email Address: info@picturespro.com
My Email Address: info@picturespro.com
Please log in or Create an account to post or reply to topics.
Loading more pages