Form Builder - Spam With Recaptcha - Question | JoomShaper

Form Builder - Spam With Recaptcha

ML

Marius Lindemann

SP Page Builder 4 weeks ago

Hello everyone. I've recently had the problem that we've been getting a lot of spam emails via the contact form, even though we've been using GoogleRecaptche v3 (invisible) for years. Could it be that an update has recently opened something there?

I've had to hide the contact form for now so that the flood of emails stops.

SP Page Builder 5.3.6. Joomla 5.1.6

Website: www.jugendgruppe-oker.de

3
64 Answers
CN
Chris Nichols
Accepted Answer
4 weeks ago #165286

I'm having the same issue, the messages are all exactly 3 minutes apart, and are mostly in Greek.

1
D
Daniel
Accepted Answer
4 weeks ago #165315

Im having the same issue on multiple websites as well... Recaptcha weirdly scores the messages really high as well (0.8 - 0.9)... On other websites with third part contact forms (same recaptcha though) this problem doesnt occur...

2
SS
Sensible IT Solutions
Accepted Answer
4 weeks ago #165333

Having the same issue on older websites (4.3.4 running SP Page Builer 5.0.8) and newer ones (5.1.2 running SP Page Builder 5.3.6)

0
V
Vanessa
Accepted Answer
4 weeks ago #165372

I'm having the same exact issues. The characters appear to be Cyrillic as others have indicated. I have received hundreds of spam emails over the last few weeks and 85 just this morning.

I am on Joomla 4.4.4 running SP pagebuilder 5.3.0.

0
CN
Chris Nichols
Accepted Answer
4 weeks ago #165384

Whichever bot farm is behind this, they've really increased the volume now, 400 plus overnight, all in Cyrillic.

1
D
Daniel
Accepted Answer
4 weeks ago #165423

As a temporary solution (other than disabling the contact form) - you can block this spam bot (for now) by adding this code to your .htaccess file. These IP's was sending all the spam to all the websites I suddenly got this spam problem with.

<RequireAll>

Block specific IP addresses

Require not ip 191.96.168.193
Require not ip 165.231.182.63
Require not ip 165.231.182.11
Require not ip 143.244.41.231
Require not ip 196.196.53.54

# Allow all other IP addresses
Require all granted

</RequireAll>

In addition to this I can really recommend using the joomla plugin from cleantalk.org. I think they still offer 7 days trial, which comes in real handy now... :)

0
SG
Steven Gourlay
Accepted Answer
4 weeks ago #165439

Same problem, across the board

1
MO
Mighty Oak
Accepted Answer
4 weeks ago #165442

Hi I am having the same problem, to the point where I have had 3 customers contact me regarding this issue. Further my host Ionos has now blocked all sending of emails from all my customers, this needs addressing immediately!

1
B
Berbiers
Accepted Answer
4 weeks ago #165446

Same problem

1
Toufiq
Toufiq
Accepted Answer
Senior Staff 3 weeks ago #165470

Hi there,

Thank you for reaching out, and I apologize for any inconvenience this may have caused. We're close to resolving the issue and will release the fix as soon as possible.

Best regards,

Toufiqur Rahman (Team Lead, Support)

0
V
Vanessa
Accepted Answer
3 weeks ago #165518

Will the built in default captcha work in the interim? The one where you put in two numbers and the answer, and and is the problem specific to google captcha plugins/joomla? Looking for a temporary workaround while you fix it.

0
D
Daniel
Accepted Answer
3 weeks ago #165526

It didnt work for me. I reccomend you to use cleantalk.org. It is easy to set up an account, and all you have to do is install a plugin and paste a code from cleantalk.

They have a 7 day trial period, but its not expensive after that at all.

0
K
Kim
Accepted Answer
3 weeks ago #165542

You can add the following IPs to your banned list (spam received this morning) :

167.65.231.182.112

165.231.182.11

0
I
ideal-heim-bau
Accepted Answer
3 weeks ago #165572

Wanted to post about that as well, glad to see that we are not a specific target by these bots. Recieved about 8000 requests through the form this weekend, until IONOS deactivated our webspace mail automatically. I dont think blacklisting IP Adresses is a sustainable solution. Saw that a staff member replied that they are working on the problem, so I hid the form for now, while telling customers to just write an e-mail directly. If there wont be a fix soon, I will check out cleantalk.org as Daniel suggested, thanks Daniel.

0
D
Daniel
Accepted Answer
3 weeks ago #165629

No, of course blacklisting the IPs isnt a sustainable solution, but it does the job for now as we wait for a solution from Joomshaper. I have 7 different customers experiencing this problem now, and a combination of blacklisting the IPs and cleantalk has solved this problem - temporary.

0
Toufiq
Toufiq
Accepted Answer
Senior Staff 3 weeks ago #165784

Initial solution: Use the default number captcha system.

0
Toufiq
Toufiq
Accepted Answer
Senior Staff 3 weeks ago #165785

We have solved the capctha issue. Hold on for the next release.

Initial solution: Use the default number captcha system.

0
REMO
REMO
Accepted Answer
3 weeks ago #166029

Hello Toufiq, No the problem has not been solved, we are still receiving mass spam, despite an update of SP Page Builder Pro version 5.3.6, both with Google Recaptcha and also with the default number captcha system. Please solve this problem as soon as possible. Thank

0
I
ideal-heim-bau
Accepted Answer
3 weeks ago #166051

I dont think the update he speaks of has been deployed yet.

0
Toufiq
Toufiq
Accepted Answer
Senior Staff 2 weeks ago #166137

We have solved it in our development environment. We will release it next week.

Initial solution: Use the default number captcha system.

0
ML
Marius Lindemann
Accepted Answer
2 weeks ago #166173

The default number captcha isn't a solution. We also get the same spam with it!

0
REMO
REMO
Accepted Answer
2 weeks ago #166182

I'm agree with Marius. Why are you giving false information, please solve this problem as soon as possible. Why pay for the pro version if it's buggy?

0
I
ideal-heim-bau
Accepted Answer
1 week ago #166857

Hello @Toufiq

Can we still expect this Update to be released this week?

Thanks.

0
Toufiq
Toufiq
Accepted Answer
Senior Staff 1 week ago #166996

Please check the latest version. Thanks

0
A
Artur
Accepted Answer
3 weeks ago #166030

Change your form to this one. Turn on recaptcha and spam will disappear. https://www.tassos.gr/joomla-extensions/convert-forms

1
REMO
REMO
Accepted Answer
3 weeks ago #166032

Thanks Arthur, but if I have to redo all the forms, I'd rather use Joomla's default form than install a new extension. Before taking any action, I'm waiting for an answer from the SP Page Builder Pro team.

0
How
How
Accepted Answer
2 weeks ago #166168

Yeah, for me it's too late because we've been blacklisted on Gmail, where the forms were supposed to be sent. I have major complaints from my client and don't know what to do.

I see the problem is with an additional address added by spammers, so the form is being sent to two addresses: the correct one defined in the form settings and the additional one added by spammers. There is no stright problem with CAPTCHA because emials are sent corectly but for additional spam address too. There should be no possibility to put any additional receiver address in form. Anyway, this vulnerability is also present in previous versions of SPPB (I had version 3 on one old page).

0
Toufiq
Toufiq
Accepted Answer
Senior Staff 1 week ago #166997

Please check the latest version. Thanks

0
EB
Elliot Block
Accepted Answer
1 week ago #167059

I downloaded the latest version, installed the hcaptcha plugin, configured the hcaptcha correctly. Litearlly within one minute, the spam emails started again.

There is also no sitekey traffic shown in hcaptcha so the spammers are using some kind of workaround to get around the captcha.

This is not acceptable... can some attention be placed on this please??

0
Toufiq
Toufiq
Accepted Answer
Senior Staff 1 week ago #167101

Does it happen on invisible re-captcha also? Please let me know. Thanks

0
EB
Elliot Block
Accepted Answer
1 week ago #167105

Yes, it occurs with either captcha plugin and both are properly configured.

0
Toufiq
Toufiq
Accepted Answer
Senior Staff 1 week ago #167112

Can you provide me your site login credential to check the issue?

0
EB
Elliot Block
Accepted Answer
1 week ago #167229

See attached.

0
Steve
Steve
Accepted Answer
1 week ago #167173

Hello everyone! I have the same problem here! I use “SecurImage” as a captcha and it is set up correctly. This has also worked reliably for years in combination with, for example, “Contact Enhanced”.

With “FormBuilder” in the current PageBuilder 5.3.7, however, my customers had around 1000 SPAM messages again over the last weekend. Some of them received Cyrillic SPAM mails every 2 to 3 minutes. It seems that the captcha can be bypassed.

Please check this as soon as possible! Many thanks in advance!

1
Toufiq
Toufiq
Accepted Answer
Senior Staff 1 week ago #167179

We didn't add compatiblity of this extension. You need to check this documentation.

https://www.joomshaper.com/documentation/sp-page-builder/configuring-hcaptcha

0
Steve
Steve
Accepted Answer
1 week ago #167200

Thanks for the tip Toufiq, the captcha "SecureImage" is set as default and selected as third party in PageBuilder. It works - I have tested it. The form cannot be submitted without entering the correct captcha.

As Elliot Block wrote above (https://www.joomshaper.com/forum/question/34449#qa-answer-167059), it looks like the integration of the old captcha (numbers, as well as the new integrations) can be bypassed.

In addition: I would like to be able to choose a third-party provider and not have to create and pay for new accounts from predefined providers. This is not possible with a large number of customers. In addition, the “SecureImage Plugin” does not use an external service, but works locally on the server (keyword “privacy”).

Many thanks and best regards

0
ML
Marius Lindemann
Accepted Answer
1 week ago #167201

I also installed the new version and then reactivated the contact form with the supported captcha. Within a very short time, SPAM emails were sent again via the form.

Please finally put a stop to this problem. You get money from us users for the PageBuilder and it is used on countless productive websites. A security problem like this over two weeks can no longer be explained to customers in good conscience. In addition, orders are lost as a result.

0
Steve
Steve
Accepted Answer
1 week ago #167207

Thank you Markus - happy to see that iam not alone with this problem. The new PB version for the captcha seems not to work.

0
CN
Chris Nichols
Accepted Answer
1 week ago #167233

I've had great success installing CleanTalk on my sites.

One site in particular seems to be being targeted. CleanTalk has very successfully filtered legitimate from spam messages via the contact forms.

The 3 rows are Today, Yesterday and Week

0
K
Klaus
Accepted Answer
1 week ago #167282

Have the same problem for about 3 weeks now, update didn't work, just trying the addon - looks good for now. @Joomshaper - do you know when a fix will be there or even where the problem is?

0
MO
Mighty Oak
Accepted Answer
1 week ago #167293

WHY IS THIS NOT A PRIORITY ??? When will this be fixed? This problem has been going on for over a month now and my customers are very annoyed. I have no way of fixing the issue and they are losing business and I will lose my customers if this is not dealt with. Why are you not taking this seriously?

0
How
How
Accepted Answer
1 week ago #167312

Guys, just remove that addon from the site and use something else for forms. I know it may be a lot of work, but it will definitely be faster and safer than using SPPB forme builder. I lost one client permanently and am having issues with two others.

Anyway, because of this problem, I started looking for another form builder and found something better, where the developer also offers a page builder. After testing, I’ve decided not to purchase SPPB again. There were too many issues, and that CMS is still far from perfect. Sorry to say that.

0
Toufiq
Toufiq
Accepted Answer
Senior Staff 1 week ago #167318

Could someone please provide me with a staging site to resolve this issue more quickly? I have checked it on my own server but couldn't identify the problem. I apologize for the inconvenience and need your assistance. I'll aim to have a hotfix ready by tomorrow.

1
ML
Marius Lindemann
Accepted Answer
1 week ago #167370

I don't understand why, with such an error that affects all users (and is therefore a programming error and not a setting error on the website), the admin access data for the websites is required. Not very secure and not data protection compliant.

I have activated access data for one website. See below

1
Michael Koch
Michael Koch
Accepted Answer
1 week ago #167373

You can take access from my site. I have the same problem since month. we get daily about 10K Spammers on my site! We have RSFirewall - so this semms to be save for the moment.

P.S. Maybe you fix btw my anther problem from here ... https://www.joomshaper.com/forum/question/34764

0
V
Vanessa
Accepted Answer
1 week ago #167380

Because of this unresolved ongoing issue for the last month+, my hosting company has disabled the form on my website to prevent it from being blacklisted. I pay a subscription to use JoomaShapers proucts and this product has not been working for longer than acceptable.

I am due to renew my Joomshaper subscription and would like to know what will be done to compensate your subscribers for this issue that has had no effective resolution, has caused clients and business to be lost, and has ruined the reputation of your subscribers.

Thank you

0
CN
Chris Nichols
Accepted Answer
1 week ago #167403

I just think everyone needs to stop just relying on reCaptcha as the sole method of stopping SPAM. Just do a quick Google search on how to bypass reCaptcha. This very issue is being discussed on Wordpress forums as well.

This is an example of what we're up against:-

https://nextcaptcha.com/p/recaptcha_v3

0
Steve
Steve
Accepted Answer
1 week ago #167413

The problem here is not only with reCaptcha. Other captchas do not work in PB either and can be bypassed.

0
CN
Chris Nichols
Accepted Answer
1 week ago #167415

This website offers services to solve most other captchas. https://2captcha.com/

0
Toufiq
Toufiq
Accepted Answer
Senior Staff 1 week ago #167442

We are trying to figure out the issue. Please allow us time. Thanks

0
ML
Marius Lindemann
Accepted Answer
4 days ago #167776

Hey Toufiq how is the progress with the bug fix? Another two days without an update and more annoyes costumers as well.

No one loged into the website since I provided the login...

0
Toufiq
Toufiq
Accepted Answer
Senior Staff 4 days ago #167778
0
ML
Marius Lindemann
Accepted Answer
1 day ago #167939

I've installed this update on two websites and reactivated the contact form on both sites. No Spam-Mail the last three days. Should be an official update soon.

And please also introduce support for the standard Joomla Captcha so that there are alternatives to Google.

Off-Topic to "Hidden Content": The thread creator can also see all hidden content in the thread. Not only the staff. Not safe, should be changed.

0
GC
Georgios Chatzigeorgiou
Accepted Answer
3 days ago #167825

Same problem here, no matter which type of protection i use, spams keep coming in cyrillic. Is it safe Toufiq to installa the version above?

0
Toufiq
Toufiq
Accepted Answer
Senior Staff 2 days ago #167839

Yes, It safe.

0
GC
Georgios Chatzigeorgiou
Accepted Answer
2 days ago #167841

I've downloaded it and since then no spam arrived. Good news. We are expecting an official update on that. Thank you.

0
Toufiq
Toufiq
Accepted Answer
Senior Staff 2 days ago #167850

Please check again and let me know. If you confirm then we will publish it officially. Thanks

0
PP
Paul Pownall
Accepted Answer
1 day ago #167927

I have installed the latest version from the link above and i can confirm still getting spam.

0
Toufiq
Toufiq
Accepted Answer
Senior Staff 1 day ago #167974

How much did you get spamming? Can you provide me your site login credential to check the issue?

0
ONITdev, Lda.
ONITdev, Lda.
Accepted Answer
1 day ago #167987

Hi! Yesterday we started to have spam sent from one of our websites (hundreds of them). To stop this, w had to take the site offline for a few minutes. After that we found this thread and applied the SPPB version that Toufiq provided above. So far, 16 hours later, no SPAM was received.

We'll let you know if SPAM starts again.

0
GC
Georgios Chatzigeorgiou
Accepted Answer
1 day ago #167992

Toufiq, it's been 2 days since i installed the new version. The spam has been significally less. i got like 3 or 4 spam emails. In my case the problem is 99% solved. my site is www.getcert.gr

0
Toufiq
Toufiq
Accepted Answer
Senior Staff 1 day ago #167996

Let me know if you get spamming again. Thanks

0
Steve
Steve
Accepted Answer
4 hours ago #168096

Hello Toufiq, I have installed the update 5.3.8. Two minutes later, the SPAM messages immediately reappeared on the customer pages. The problem is NOT solved. The PB-default was set as the captcha.

0
Toufiq
Toufiq
Accepted Answer
Senior Staff 4 hours ago #168100

Could you kindly grant me access to your Joomla administrator area so that I can investigate the issue you're experiencing? Prior to providing access, please ensure that you have backed up your site. Additionally, it's important to note that providing login credentials is entirely voluntary on your part; we respect your decision either way. However, if you do choose to share the login details, it would greatly expedite the resolution process. Thank you for your cooperation.

0