Spambots shall not pass¶
Intro and challenge¶
Our hosting team has faced a lot of messages about Bounce and Complaint reports after Mail system improvements - December 23, 2019. When we have started to investigate this issue we found some forms with no required security requirements as a captcha which were used by spam-bots.
As far as you know, spamming from your domain will lower your rating and in the future, your emails will fall into the Spam folder. This is not good.
What next¶
Set up Google reCAPTCHA for your project¶
We highly recommend install and configure Google reCAPTCHA for all the forms on your website. Also, I want point out that captcha is required for using the Amazon SES mailing system.
How to: Setup reCAPTCHA for the CS-Cart¶
Instructions available here
How to: Configure Google reCAPTCHA in Magento 2¶
Instructions available here
Make changes in the CS-Cart settings¶
We have posted this issue to the CS-Cart architecture team and until these issues wouldn’t be fixed, we highly recommend disabling this form/functionality. Here is some instructions on how to do it.
How to: Disable “EXCLUSIVE DISCOUNTS” form (subscribe_form)¶
This form has no captcha settings and spammers able to use them to send emails from your website.
Video how to disable this block:
How to: Disable “Share via E-Mail” (share_by_email.send)¶
This form This form has a critical security issue that allows attackers to make the email address substitution and insert their own text to the messages.
Video how to disable this function:
- This feature was removed from CS-Cart 4.11.1 and above
Hint
If you have a problem, need assistance with tweaks or a free consultation, if you just want to discuss your project with experts and estimate the outcome, if you're looking for a solution that reinforces your online business, we will help. Let us know through Scalesta account or email.