0121stephen Posted April 19, 2019
Someone is sending spam emails using my customer sign up. They are signing up as a new customer and sending spam through the welcome email that the site sends out. I am running Prestashop 1.6.1.19. Does anyone know how to stop it? I have disabled the welcome email but this isn't ideal. Any ideas? Many thanks, Stephen

Yulem Posted April 19, 2019
Same problem. I'm still on 1.6.1.23.

greg barratt Posted April 20, 2019
same problem here

pantoffelke Posted April 20, 2019
same here, started yesterday

doekia Posted April 20, 2019

ipaelo Posted April 20, 2019
Thanks @Doekia

SpySly Posted April 20, 2019
Thanks Doekia ....work, work, work !!!!

0121stephen Posted April 20, 2019 (Author)
Yes this is an issue for me too when updating the customer.php file I have done so in UTF-8. Did anyone get anywhere with this one?

pantoffelke Posted April 20, 2019
8 hours ago, doekia said:
Thx doekia, it works

Craig Owen Posted April 20, 2019
Thanks for the fix, it appears to have resolved the problem, only time will tell whether they find a way around the "fix"

doekia Posted April 20, 2019
The purpose of the attack is to "invite" you to some porn related web site. As soon as they cannot do such "invitation", attacking your shop loses interest. The fix does that: it makes subscription unable to promote any web site. Hence not useful in their scenario.

iamtheboss Posted April 22, 2019
Same problem here, so how exactly can we fix this? Thanks

selectshop.at Posted April 23, 2019
@iamtheboss Apply the fix doekia named here: https://www.prestashop.com/forums/topic/981159-securite-spam-customer-account-solution-13-17/

Boonyawat Posted April 23, 2019
Hello, Can I just follow doekia's first post and manually edit Validate.php and Customer.php? Without having to run the patch file? Thank you

01Park Posted April 23, 2019 (edited)
I applied this exactly, but it doesn't work. Invalid customer firstname, invalid customer last name. 1.6.1.20 prestashop. Could it maybe be PHP version related?

doekia Posted April 23, 2019
No it is not related to PHP in any case. As I explained in the PM (after seeing your file) you are trying to manipulate your file with a web based filemanager rather than FTP. This causes character encoding to be tampered with and ruins the regex.

greg barratt Posted April 23, 2019 (edited)
the patch worked perfectly on 1.6.1.4 thanks!

01Park Posted April 23, 2019
I edited the file in filemanager (not trying to manipulate nothing). In another post there is a Spanish video explaining how and what to change. Is it possible for you to create the correct files and just upload these to the post? Then everyone can just overwrite the old one.

doekia Posted April 23, 2019
Sorry you do not understand my replies. I cannot help. Your file is containing:
return preg_match('/^[^0-9!\[\]<>,;?=+()@#"\A1\C6{}_$%:\/\\\*\^]*$/u',$name);
rather than
return preg_match('/^[^0-9!\[\]<>,;?=+()@#"°{}_$%:\/\\\*\^]*$/u',$name);
Let's hope someone here with appropriate language skill could explain it to you. Sorry I cannot.

01Park Posted April 23, 2019
On what line do you see this:
return preg_match('/^[^0-9!\[\]<>,;?=+()@#"\A1\C6{}_$%:\/\\\*\^]*$/u',$name);
Because I can see
return preg_match('/^[^0-9!\[\]<>,;?=+()@#"°{}_$%:\/\\\*\^]*$/u',$name);

01Park Posted April 23, 2019
To make sure I'm doing the right thing, I also installed the fix on a prestashop 1.7.5. This worked. Just doesn't work for 1.6.1.20

01Park Posted April 23, 2019
Ok, I solved the issue with 1.6.1.20. The problem for 1.6.1 is that the validate file is not UTF-8 (EUC-KR, or something like that). I don't know how to create a file with UTF-8, so I took the whole code from 1.6.1 and copied that to the validate file from 1.7 (this is UTF8). Uploaded and tested. Fix works! I added the files for 1.6.1 prestashop.
Validate.php Customer.php

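The failure discussed in the posts above, reproduced as an added example (not code posted in this thread): the same name pattern is built once with the degree sign as UTF-8 bytes and once re-encoded as EUC-KR, the encoding 01Park reports, and a small scanner then lists the lines of a file that are not valid UTF-8. It assumes PHP with the mbstring extension; checkPattern() and findNonUtf8Lines() are hypothetical helper names and the sample file is constructed.

```php
<?php
// Added example, not code from the thread. The pattern is the one quoted above,
// split around the degree sign so that only that character's bytes vary.
$head = '/^[^0-9!\[\]<>,;?=+()@#"';
$tail = '{}_$%:\/\\\*\^]*$/u';

$degreeUtf8  = "\xC2\xB0";                                          // U+00B0 in UTF-8
$degreeEucKr = mb_convert_encoding($degreeUtf8, 'EUC-KR', 'UTF-8'); // same character, legacy bytes

// Report whether a pattern is valid UTF-8 and what preg_match() returns for a plain name.
function checkPattern(string $label, string $pattern): void
{
    $valid = mb_check_encoding($pattern, 'UTF-8');
    // With the /u modifier PCRE rejects a pattern that is not valid UTF-8, so
    // preg_match() returns false and a caller doing `return preg_match(...)`
    // reports every name as invalid. @ hides the compile warning for the demo.
    $result = @preg_match($pattern, 'Stephen');
    printf("%-7s valid UTF-8: %-3s  preg_match: %s\n",
        $label, $valid ? 'yes' : 'no', var_export($result, true));
}

// List line numbers whose bytes are not valid UTF-8, with the non-ASCII bytes in hex.
function findNonUtf8Lines(string $path): array
{
    $bad = [];
    foreach (file($path) as $i => $line) {
        if (!mb_check_encoding($line, 'UTF-8')) {
            $bad[$i + 1] = bin2hex(preg_replace('/[\x00-\x7F]+/', '', $line));
        }
    }
    return $bad;
}

checkPattern('UTF-8', $head . $degreeUtf8 . $tail);
checkPattern('EUC-KR', $head . $degreeEucKr . $tail);

// Constructed sample file standing in for an edited Validate.php.
$sample = tempnam(sys_get_temp_dir(), 'val');
file_put_contents($sample, "<?php\nreturn preg_match('" . $head . $degreeEucKr . $tail . "',\$name);\n");
print_r(findNonUtf8Lines($sample));   // line number => offending bytes in hex
unlink($sample);
```

To check a real shop, call findNonUtf8Lines() with the path to the edited Validate.php; an empty array means every line is valid UTF-8.
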
bu_marius Posted May 15, 2019 (edited)
Hello. The best way is to implement recaptcha v.3 in invisible mode because some people use for example "365.shop" like the company name (or lastname or firstname) and the 1.6.1.24 do not allow this name 365.shop. I already implemented recaptcha v.3 on the 1.6.1.23 and 1.6.1.24 and it is working very well. It is also invisible for the client (no more boring pictures and clicks for the client). It is working also very well for the contact_form. Best regards

doekia Posted May 15, 2019
The protection only affects customer firstname and lastname so no impact on company name.

bu_marius Posted May 15, 2019 (edited)
Hello. I have lots of clients with Name: S.A.R.L. And this is not a good way to force the client to change the name or the lastname. And if you use your prestashop with some market places (ebay for example) sometimes you have just one name, for example 365.shop. It is not the best way to force the client to choose what you want. You have to accept what the client wants 😏

doekia Posted May 15, 2019
Do whatever you want. Once your shop has been totally banned from mail exchangers all around the world, refrain from coming back here complaining for help.

bu_marius Posted May 15, 2019
On 4/20/2019 at 3:20 PM, SpySly said: "Thanks Doekia ....work, work, work !!!!"
Yes for www.pimp.com it is fine but what about porn.net? You have to put a dictionary there 😬😬😱

doekia Posted May 15, 2019
porn.net is forbidden
porn. net is accepted
Problem is mail client (google for instance) tend to convert what seems to be domain name / url to links (porn.net is converted but not porn. net) so it loses interest from spammers.
Neat, simple and efficient