geolaw
Forum Replies Created
-
Forum: Plugins
In reply to: [Contact Form 7] wp-json exploited to send spamLooks like the .htaccess rule is wrong and would need a leading slash in front of wp-json but a valid form submission appears to send its data via wp-json as well, so this is probably not a good method to block spam
108.251.156.163 – – [03/Feb/2021:14:56:14 +0000] “GET /contact-us/ HTTP/1.1” 200 19753 “https://mydomain.com/” “Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:85.0) Gecko/20100101 Firefox/85.0”
108.251.156.163 – – [03/Feb/2021:14:56:23 +0000] “POST /wp-json/contact-form-7/v1/contact-forms/174/feedback HTTP/1.1” 200 508 “https://mydomain.com/contact-us/” “Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:85.0) Gecko/20100101 Firefox/85.0”I’ve got a captcha on my form, anyone have any other anti-spam measures that work?
I’ve read about a honey pot with hidden fields.My websites are fairly low traffic – I don’t get many “contact forms”, but it seems like the few I have gotten in the past several weeks have all been spam
plugin version Version 5.5 with CF7 Version 5.1.4
Example – this one came over today :
From: contactnomyxt
Subject: We are sending via contact forms to the sites of firms via any countries and domain zones of the world.Phone : 123456789
Message Body:
Good whatever time of day it is where you are!We will send viacontact forms to the sites of business organizations via any domain zones of the world.
Your letter is sent to E-mail of institution 100% will get to inbox!
Test:
ten thousand messages on foreign zones to your email address – twenty $.
We need from You only E-mail, title and text of the letter.Sort of related to this is a problem I face.
Due to the probing I see across all of my word press sites for bot logins I usually .htaccess protect my /wp-admin/ directory. With this .htaccess in place, every hit on my photo gallery throws up a password box.
Can the hits against admin-ajax be redirected elsewhere ?
Wow – bizzare, I went back to the same site later on and its broken again. Looks like its time to find another option.
I was fighting this problem this morning – used the [reCAPTCHA] toolbar button to insert the tag and try as I might it just was not showing up ….
until I enclosed it within a <P> tag
As soon as I added the <P> tag around it it popped right up …<P> Verify you’re human : [recaptcha theme:dark]</p>
Nope – still does not work for me in the footer even with both plugins installed.
all the options checked in the “anywhere” plugin too.answered my own – https://www.ads-software.com/extend/plugins/404-redirected/
works well ??unfortunately, according to his site, he is no longer developing csprite ??
https://www.mummey.org/csprites/