What triggers Spam Firewall? Original query string variables don’t carry over.

Hello,

We need more details about the issue. I think it will be better to continue in our private Ticket System:

https://cleantalk.org/my/support/open

Please send us a screenshot of the block there.

@millo_magno thanks for the great question!

Plugins fires SpamFireWall if a visitor IP has high level of spam activity according our database https://cleantalk.org/blacklists

The database includes about 500k IP addresses. To test SpamFireWall use a request https://mysite.com/?sfw_test_ip=10.10.10.10

Where 10.10.10.10 is an address from the private network, just to test SpamFireWall.

So, the plugin doesn’t care about any other request’s data to fire SpamFireWall.

Let me know if you have any questions. If the question is about your account, logs and etc., it will be better to submit a private tickets as said above.

Hey @shagimuratov,

Mihai from SliceWP here. I’m currently helping @millo_magno with this particular issue.

I’d like to explain what’s happening and what solution I’d like to implement. For this however, I do need your input as I couldn’t figure out if this is possible by exploring the CleanTalk plugin’s code.

For SliceWP to be able to track referral visits, we use of a query argument. By default the argument’s name is “aff” and its value is set to the affiliate’s ID.

So, an affiliate’s referral link looks something like this: https://site.com?/aff=21

With the CleanTalk firewall enabled, on @millo_magno site, if you visit the homepage using the referral link, once the spam filter finishes its job, the visitor is redirected to /?sfw={somestring}, with the “aff” query argument being lost in the redirect.

Because of this, SliceWP cannot validate and register the referred visit.

My solution would be to hook into CleanTalk’s spam filter redirect (via a filter maybe) and add the argument back in if I find it in the $_GET variable.

Another solution would be to tell CleanTalk to keep the URL’s query arguments in place after the firewall check redirect.

Not sure which is possible, so any feedback would be appreciated.

Thank you and best wishes,

Mihai

Hello,

You can try to set the Uniq GET option to Off here:

WordPress Dashboard -> Settings -> Antispam by Cleantalk -> Advanced settings

Did it help?

Hi Serge,

I just tried that. Unfortunately it didn’t help.

What happens now is that it redirects to the home page, but without any query string at all, not the SFW query string, nor the AFF query string that’s passed in the original http request.

Would it be possible, as Mihai suggested above, to get CleanTalk to keep the URL’s query arguments in place after the firewall check redirect?

Hello @millo_magno, @iovamihai

The SpamFireWall blocking screen is not triggered for the users with clean IPs. So the referral link shouldn’t be changed for them. As I could understand, while visiting the site in incognito @millo_magno sometime gets the SpamFireWall blocking the screen, that is not should happen, actually.

@millo_magno, could you, please send us a screenshot of the blocking screen that you see?

You can send it privately in our support ticket system:

https://cleantalk.org/my/support/open

Thank you.

Hi amagsumov

OK, I’ve submitted the image via the support link you provided. I was unable to upload the image as the system wouldn’t allow it so Iv’e used an external URL.

Looking forward to feedback.

Hello.

We received your reply.

Thank you.

Thread continued here for anyone with same issues:

https://www.ads-software.com/support/topic/query-string-variables-dont-carry-over-when-spam-firewall-is-triggered/#post-16465381