No announcement yet.

spam bots attacking text boxes

  • Filter
  • Time
  • Show
Clear All
new posts

  • spam bots attacking text boxes

    I have a HUGE problem with this on my site. 3dcart support told me to either disable the text box (but I hate doing that because my customers need it for entering personalization requests) or change the URL. Don't want to do either.

    The spam bots starting by just attacking one of my products but now several more are affected.

    I see this by going to "not completed" orders. I can't block the ip addresses because they are all different and I can get hundreds of spam bot attacks.

    Here is an example of some jibberish that appears, "Personalizations: Meg - What can I say you are Arnold Swartsanager and I am Danny DeVito ;) I love you, you are so talented and I am so proud. Thanks for the shots of the heorss I can't stop looking at them."

    Not only is this ANNOYING but I am concerned my site will be a target of a hack or something bad.

    Thoughts? Does anyone know anything about this or how to correct the problem?

  • #2
    What type of text box are you referring to? A product review?

    Looks like it is a commenting bot used for backlinks. Typically this are used on blogs that auto approve comments and don't moderate them. For some reason the bot thinks you are such a site. That doesn't really help of course.

    Can you change the wording or title of the text box? That may throw the bot off as they have to key off of the HTML code to figure out what box to input the text into.


    • #3
      No my blog post comments are fine. You know when you're creating an option for a product and it gives you the option if want a dropdown, checkbox, or text area, or text? Well if I select either "text" or "text area" that is what the spam bot is attacking.

      Customer support suggested I disable it for awhile, and I did for about one month or so. As soon as I put the text area back, the spam bots attack.

      Changing the word or phrasing has absolutely no bearing. I tried that several time and even deleted it and started fresh from scratch.

      I wonder if I'm the only one this is affecting. So so frustrating.


      • #4
        We have had this problem too. So frustrating, and the only response from Support is "disable the text boxes" like you were told as well. We use those boxes for gift wrap messages, and for engraving text, so disabling them isn't really an acceptable option. And yet, that is exactly what we had to do for gift wrap. Now instead of all the spam, we have to deal with all the complaints that there isn't a good place to leave the gift messages. I wish I had advice to offer, but I was pretty much told that there is no solution.
        Laura Z
        Brass & Silver Traditions


        • #5
          Ugh. So upset to hear that. I wish there was a solution. Does anyone know if there is some sort of vulnerability portal to sites that have this problem in terms of potential hacking, etc. That is what concerns me the most.


          • #6
            I don't think there is really any danger of this causing a hacking event. They are looking for vulnerabilities, but it is just a very dumb text input box that doesn't execute code.

            I used to have about 50 fake customer registrations per day, but that has since gone down to 0. I think you should just live with it and wait it out.


            • #7
              Waiting it out wasn't an option when this was happening for us. While it was harmless in terms of hacking, it did cause major bandwith usage. Because of that we had to disable the boxes.
              Laura Z
              Brass & Silver Traditions


              • #8
                Is there a way someone could code a Capture for this text box? We don't use this feature, so I am not sure.

                Packaging and Shipping Supply Specialists


                • #9
                  Can someone from tech support please help with this?


                  • #10
                    We were having the same problem. It was coming form 15 different ip addresses. I went ahead and just blocked those IPs.



                    • #11
                      I wish I could just block the IP addresses but I'd be sitting here all day doing so. I can get hundreds.

                      Jimmy, Gil anyone can you help please?


                      • #12
                        Fix for Spam Bots Attacking your Product Text Boxes

                        I moved my gift card message to checkout and
                        I placed this code in my product listing template, which stopped the spam-bots. I allow 12 characters to add personalization for a product.

                        <!--START: text-format-->
                        [value]: [oprice]<br />
                        <input type=text size=30 maxlength=12 name=\"text[oname]\" onClick=\"this.value='';\" class=\"txtBoxStyle\">
                        <br />
                        <!--END: text-format-->

                        Hopes this helps


                        • #13
                          Possible solution

                          Read this!

                          Protecting Forms from Spam ‘Bots -


                          • #14
                            I didn't read this closely, but it looks like every solution offered in that link requires server-side scripting capability, which we lack.


                            • #15
                              I just saw in the April 2013 release notes post that 3Dcart now supports ReCaptcha. This is great and will help on this kind of thing.