Anyone for Spam ?

  • Whilst the Wishlist plugin does work and generate a Wishlist it has a major flaw: Constant spam with “add-to-wishlist” is being targeted and wasting / overloading server resources.

    If you are unlucky enough to be using the free version you have no way of forcing people to register before they can generate a Wishlist. This means you are wide open to bots that love to target this plugin. In the last week we have been bombarded with 6,000 requests to “add-to-wishlist”…….

    Of course if you feel inclined to pay for the Premium version there is the option of forcing registration before creating a wishlist.

    This plugin is included in the template we are using so not easy to remove and use a different one, though this is what we currently working on. Either that or will just have to be expedient and “upgrade” to Premium version with more features that am never going to use.

Viewing 1 replies (of 1 total)
  • Plugin Support Juan Coronel

    (@juaancmendez)

    Hello there,
    we hope you’re doing well!

    All the anchors that our plugin add to your site includes rel=”nofollow” attribute.
    This means that bots shouldn’t visit the url for ATW anchors.

    So, first of all, I’d check if your ATW buttons contain that attribute, and if not you should definitely check if your theme overrides default add-to-wishlist.php or add-to-wishlist-button.php templates

    Of course, malicious attackers could visit add-to-wishlist link even if anchors contain rel=nofollow
    In this case plugin uses a filter over user agant to try to block activity coming from bots
    Anway, this is not always possible, as we cannot identify any existing bot

    My suggestion here is to work on the firewall level, to identify and block IP of the bot that performs the attack over your site.

    Check it out and tell us any news, please.

    Best regards.

Viewing 1 replies (of 1 total)
  • The topic ‘Anyone for Spam ?’ is closed to new replies.