- This topic has 36 replies, 12 voices, and was last updated 6 years, 1 month ago by
.
-
Posts
-
The Russian spammers are hitting our Newsletter subscriber widget very hard over the last 2 days. Its getting worse. Every few minutes another .ru subscriber with spammy name and email addy.
What can we do?
BrianThis has been happening to me as well over the last 2 days. Is there a way to block certain country extensions?
Thanks for any assistance.
Louis
Ask the provider to block their IP address and rise the antflood time in the subscription settings.
Stefano.
Please let me know if you get fixed the spam subscription problems. This happens also to me and there is no way to stop it. I deactivated the plugin now. Would be great if the developer make a recaptcha integration option to the plugin.
The antiflood can only reach 5 minutes. Why not longer?
Does premium offer anti spam protection?
The .ru problem is growing exponentially 🙁I removed the subscribe widget completely and I put a password on the subscribe page to see if that stopped. It did not. The .ru subscribes are still coming through. There must be a back door that needs addressing I believe.
Thanks.
After removing all the Newsletter optins from our site the .ru spamming is still increasing at an alarming rate!!!
Can anyone give some support here?still the same on our site. I deactivated the plugin. If I turn it on spam starts immediatly. Hope there is a solution soon.
This botnet that acts like it is Russian really is annoying.
No option available to prevent them from directly accessing the registration url?
Must be possible to prevent them subscribing.I have the same issue on my webside.
“No option available to prevent them from directly accessing the registration url?”
What is the registration url?Kind regards, Christoph
I really like this plugin and have been using it for several years. It is rapidly becoming useless but I’m holding on hoping a fix is forthcoming. Not too much longer though.
Louis
Or an option to temporarily prevent users with mail.ru addresses which gives more time to fix the issue
Maybe a temporarily fix to prevent users to register with a mail.ru address? Gives more time to fix it.
This forum is only showing 12 posts and there seems to be no way to view all and follow the thread. No page 2, etc.
Same happened to me – before I came to this forum I thought it was a personal attack to my homepage. Now I’m a bit calmed 🙂 Looked in the ‘Newsletter Plugin’ MySQL Table, I mentioned, that the first attack was at 2018-03-13 23:03:45
As I investigated in that issue, I found, that besides the inconvinience, there’s a severe risk of our IP/Domain being blacklisted at SPAMHAUS. The only solution seems to me to include a captcha in the subscription process: https://blog.goolara.com/2016/12/21/defusing-subscription-bombs/
Because of the blacklist-risk, I have to change the automatic subscription form into a message to my potential readers: “Due to technical issues, we were forced to temporarily close automatic subscription to our newsletter service. Please send an email to me (xy@mydomain.de) and I will subscibe you to our newsletter personally.” But this is of course no longterm-solution. Is there any chance to get the Captcha-feature in the near future?
Yours Michael
Hi, the antibot feature already does few things to block the bots, but they execute even javascript. Blacklist their ip address is a viable solution.
Stefano.
Hi, the antibot feature already does few things to block the bots, but they execute even javascript. Blacklist their ip address is a viable solution.
Stefano.
Blocking the IP adress wouldn’t be an option. I selected all entries from today – all from the spammers and all come from different IPs: http://www.it-freelancer-magazin.de/wp-content/uploads/2018-03-20-07_12_02-IT-Freelancer-Magazin_db12908265-ifm_wp_newsletter_-HeidiSQL-9.3.0.4984.png
I think Captchas are the only and obvious solution to this. My hoster also give me that advice.
The Team needs to integrate a Captcha (Silent Recaptcha would work also)!!
THIS IS THE ONLY WAY!! Antiflod is no option or solution. The only way to stop it is to deactivat the plugin.
I will not renew my subscription in case there is a Captcha integrated.
So this makes me sad about this plugin. There is no quick solution if there is a big big problem like this!Hi all,
my (temporary) solution is, to block all “*mail.ru” adresses for subscription. If this fits for your needs, please adapt the following lines in the file: ..\wp-content\plugins\newsletter\subscription\subscription.php:search for this next comment statement in the file and insert the block “// begin patch for mail.ru”
…
// Shound never reach this point without a valid email address
if ($email == null) {
die(‘Wrong email’);
}
// begin patch for mail.ru
$email_contains_ru = strpos($email, “mail.ru”); // outputs greater 0 if found
if ($email_contains_ru > “0”) {
$this->logger->info(‘Subscription of “mail.ru” – address blocked: ‘ . $email);
die();
}
// end patch for mail.ru$user = $newsletter->get_user($email);
…Kind regards,
ChristophFirst: For one reason or another I can only see the first 12 posts in this thread
Second: the new update for the plugin has some errors, css I think
Third: with version 5.2.6 I have not a single spammer subscribing… Maybe reversing to this version solves it?
Same with me, no chance to get rid of these russian Spammers, so I deactivated the Plugin…very sad 🙁
Hope there will be a solution soon, as I’d really like to use it again !I added this into the subscription.php
// begin patch for mail.ru
$email_contains_ru = strpos($email, “mail.ru”); // outputs greater 0 if found
if ($email_contains_ru > “0”) {
$this->logger->info(‘Subscription of “mail.ru” – address blocked: ‘ . $email);
die();
}
// end patch for mail.ruIt doesn’t work, trying to reactivate the Newsletter Plugin I got the followig Error:
Parse error: syntax error, unexpected ‘of’ (T_STRING) in /homepages/…./wp-content/plugins/newsletter/subscription/subscription.php on line 399
Line 399 Contains $this->logger->info(‘Subscription of “mail.ru” – address blocked: ‘ . $email);
DJDaniel wrote:
I added this into the subscription.php
It doesn’t work, trying to reactivate the Newsletter Plugin I got the followig Error:
Parse error: syntax error, unexpected ‘of’ (T_STRING) in /homepages/…./wp-content/plugins/newsletter/subscription/subscription.php on line 399
Line 399 Contains $this->logger->info(‘Subscription of “mail.ru” – address blocked: ‘ . $email);
Please check for your PHP-version, what is the regular character for define a string, as there are many possibilities:
“”, ”,, ‘‘.I think, that the <‘> is causing your issue, please try <‘> first.
ChristophThanks for helping, in fact I had to replace the <‘> by <‘>
Now I’m curious if it worksDaniel
So I tried to register to the Newsletter with a fictive “mail.ru” adress and the adress was registered in the database of my Newsletter-Plugin so it seems, that the patch won’t work.
Daniel
Same for me. Why developers doesn’t comment anything? Looks quite strange. Should I delete this plugin?
the same on our side. I also deactivated the plugin. If I turn it on, spam starts immediately. Hopefully there will be a solution soon
Yesterday I did post a solution to patch subscription.php, now I will share an improved version:
…
// Shound never reach this point without a valid email address
if ($email == null) {
die(‘Wrong email’);
}// begin patch for blocking all mail adresses ending with “*.ru”
$endStr = “.ru”;
if (substr($email, strlen($email)-strlen($endStr), strlen($endStr)) === $endStr) {
$this->logger->info(‘Subscription of “*.ru” – address blocked: ‘ . $email);
die();
}
// end patch for blocking all mail adresses ending with “*.ru”$user = $newsletter->get_user($email);
…Please search the statements and copy in the // patch…
It will block all subscriptions with mail adresses ending with “*.ru”.And no, it will not prevent to make a subscription with “mail.ru2” 😉
Christoph
There is a new Version (5.2.8) today
The Update 5.2.8 doesn’t take an effect, Russian Spambots can subscribe anyway. Trying the Solution of Christoph now…
UPDATE !
Adding the Patch from Christoph doesn’t also take any effect, Spambots with .ru-Domains are not blocked. Seems that it’s the only solution to deactivate the Newsletter Plugin :-/
Very sad that there is no Support from the Develloper-Team !Daniel
With the latest update 5.3.1 it works great again …
- You must be logged in to reply to this topic.