Contact Us Spam

A

Alfuzzy

Well-known member
Site is getting a lot of "Contact Us" Spam. Is there any way to control this via stock Xenforo install?

The person/bot sending this Contact Us spam many times uses the same username...but almost always uses a different email address.

I know Xenforo can ban Contact Us email address's...but couldn't find any control measures for Contact Us "name".

If there's something that can be done...that would be awesome!

Thanks
 
Try with Hcaptcha if you are using google recaptcha, it works better for me to control contact us spam.
 
Thanks for the suggestion. I have tried Hcaptcha recently (on it's most difficult setting)...even swapped some emails with Hcaptcha customer support. HCaptcha has not helped with site Contact Us...or new account registration spam.

Q&A Captcha doesn't work either...tried that too. No bueno!:(

Thanks
 
Alfuzzy said:
Thanks for the suggestion. I have tried Hcaptcha recently (on it's most difficult setting)...even swapped some emails with Hcaptcha customer support. HCaptcha has not helped with site Contact Us...or new account registration spam.

Q&A Captcha doesn't work either...tried that too. No bueno!:(

Thanks
Click to expand...
Have you tried to identify the country by checking its IP? Maybe you can temporarily ban the country or region. Usually these are bots, after an x amount of failing connections it stops.
 
I just checked a bunch of Contact Us messages from this person/bot...and it turns out it's the exact same IP address each time. Thus I guess I will ban this individual IP address.

Here's the actual IP address 46.161.11.199 (it's in the UK). I don't feel guilty sharing it...since it's a spammer.:)

If I ban this single IP address...how large a geographical area does this block? Site has a lot of members from the UK...and don't want to block legit members by accident.

Thanks
 
Alfuzzy said:
I just checked a bunch of Contact Us messages from this person/bot...and it turns out it's the exact same IP address each time. Thus I guess I will ban this individual IP address.

Here's the actual IP address 46.161.11.199 (it's in the UK). I don't feel guilty sharing it...since it's a spammer.:)

If I ban this single IP address...how large a geographical area does this block? Site has a lot of members from the UK...and don't want to block legit members by accident.

Thanks
Click to expand...
If you’re using cloudflare, you could block the IP with a rule. Or, you can create a htaccess or config rule to block that IP.

Good luck!
 
Looks like Andy's Add-on blocks country codes. IP is from the UK. Site has too many members in the UK to block the UK.
 
Starbucks said:
If you’re using cloudflare, you could block the IP with a rule. Or, you can create a htaccess or config rule to block that IP.

Good luck!
Click to expand...
We can block IP's via XF AdminCP (99% sure).

Question is...if I block this individual IP...how large of a geographical area will I be blocking?

Thanks
 
Alfuzzy said:
We can block IP's via XF AdminCP (99% sure).

Question is...if I block this individual IP...how large of a geographical area will I be blocking?

Thanks
Click to expand...
Each IP is unique, so if you’d block that specific IP, you’d only block this person.

However, if they start to use a VPN or go to the nearest coffee place like Starbucks and use their Wifi, they can access your website again, or even by using the Wifi of the neighbors.
 
Starbucks said:
Each IP is unique, so if you’d block that specific IP, you’d only block this person.
Click to expand...
Good deal that's what I thought...but wanted to be 100% sure.
Starbucks said:
However, if they start to use a VPN or go to the nearest coffee place like Starbucks and use their Wifi, they can access your website again, or even by using the Wifi of the neighbors.
Click to expand...
Ohh yes...I'm VERY aware of this! Thanks:)
 
This add-on will help reduce or eliminate bot traffic:

xenforo.com

[OzzModz] Contact Us Spaminator

Sick and tired of your inbox getting flooded with spam coming from the "Contact Us" system on your xenforo install(s)? You've tried everything and still it persists? You even shut off the "Contact Us" form to guest visitors? You need the...
xenforo.com xenforo.com
 
Wildcat Media said:
This add-on will help reduce or eliminate bot traffic:

xenforo.com

[OzzModz] Contact Us Spaminator

Sick and tired of your inbox getting flooded with spam coming from the "Contact Us" system on your xenforo install(s)? You've tried everything and still it persists? You even shut off the "Contact Us" form to guest visitors? You need the...
xenforo.com xenforo.com
Click to expand...
I have used the "contact us spamminator" add-on since we purchased XF in 2021. Our forum has had basically zero problem with spammers using 'Contact Us'. I do not even bother looking at the log of spammers. However, I did just for this reply. Today's spamminator log for our forum shows 37,620 rejected spammers since the add-on was installed in early 2021, including ten rejected spammers within the past 24 hours....and this is just those that come in only through 'contact us'.

Highly recommended. There may be other solutions, but this add-on works great, at low cost.
 
Alfuzzy said:
We can block IP's via XF AdminCP (99% sure).

Question is...if I block this individual IP...how large of a geographical area will I be blocking?

Thanks
Click to expand...
Blocking an individual by IP is not a good idea. Bear in mind that many (innocent) users can be using the same IP address...such as at a hotel, airport, coffee shop, etc.
 
Starbucks said:
Each IP is unique, so if you’d block that specific IP, you’d only block this person.
Click to expand...
Alfuzzy said:
Good deal that's what I thought...but wanted to be 100% sure.
Click to expand...
NO! Today most IPs are not unique. Because of rare IPv4 addresses NAT IP-addresses are heavily used:

en.wikipedia.org

Network address translation - Wikipedia

en.wikipedia.org en.wikipedia.org

We have IP addresses, that were used by hundreds of users during the last couple of weeks.

So, no: banning a common IP address is not a good idea.

The addon by @Ozzy47 seems to be a good approach. Simply adding a captcha to the contact form (addon needed) would also be a good approach.
 
  • Like
Reactions: GW2
Screenshot - 2022-10-28T144409.247.png

PS,: I stopped the spam 100% my using a custom contact form URL and simply inserting the board email address.


Never had a spam email from them since because their spam bots are looking for a form.
 
Last edited:
You must log in or register to reply here.

Similar threads

F
  • Question Question
XF 2.2 Allowing images/pictures to "Contact Us" page?
Replies
1
Views
81
Ozzy47
Ozzy47
SeaWolf
  • Question Question
XF 2.2 Is there a Contact us (link or in menu) ?
Replies
3
Views
214
SeaWolf
SeaWolf
S
Add-on Contact us form questions & routing
Replies
4
Views
420
stromb0li
S
MapleOne
Contact & Registration spam stopped almost 100% at zero cost
2
Replies
23
Views
1K
Zardoz43
Zardoz43
Artonn
Using contact us fails, after using SES smtp.
Replies
1
Views
292
Artonn
Artonn
Top Bottom