Skip to content

Spambots shall not pass

Intro and challenge

Our hosting team has faced a lot of messages about Bounce and Complaint reports after Mail system improvements - December 23, 2019. When we have started to investigate this issue we found some forms with no required security requirements as a captcha which were used by spam-bots.

As far as you know, spamming from your domain will lower your rating and in the future, your emails will fall into the Spam folder. This is not good.

What next

Set up Google reCAPTCHA for your project

We highly recommend install and configure Google reCAPTCHA for all the forms on your website. Also, I want point out that captcha is required for using the Amazon SES mailing system.

How to: Setup reCAPTCHA for the CS-Cart

Instructions available here

How to: Configure Google reCAPTCHA in Magento 2

Instructions available here

Make changes in the CS-Cart settings

We have posted this issue to the CS-Cart architecture team and until these issues wouldn’t be fixed, we highly recommend disabling this form/functionality. Here is some instructions on how to do it.

How to: Disable “EXCLUSIVE DISCOUNTS” form (subscribe_form)

This form has no captcha settings and spammers able to use them to send emails from your website.

Subscribe form

Video how to disable this block:

How to: Disable “Share via E-Mail” (share_by_email.send)

This form This form has a critical security issue that allows attackers to make the email address substitution and insert their own text to the messages.

Subscribe form

Video how to disable this function:

  • This feature was removed from CS-Cart 4.11.1 and above

Hint

If you have a problem, need assistance with tweaks or a free consultation, if you just want to discuss your project with experts and estimate the outcome, if you're looking for a solution that reinforces your online business, we will help. Let us know through Scalesta account or email.