Spammers submitted hundreds of forms recently

bobbingwide / oik

OIK Information Kit

https://www.oik-plugins.com/oik-plugins/oik

GNU General Public License v2.0

2 stars 0 forks source link

Spammers submitted hundreds of forms recently #221

Open bobbingwide opened 12 months ago

bobbingwide commented 12 months ago

Just recently I started receiving a spate of spam submissions.

The general format of the submission was:

contact name: contained an URL email: was a gmail address subject: contained an URL message: was blank

Also:

The honeypot field was left blank, as expected
the nonce was correct.
the IP addresses changed between submissions
In my email client quite a lot of the emails were marked as Junk, but others remained in the Inbox

Workaround

I removed the contact form from the page.

bobbingwide commented 11 months ago

Proposed solution

Don't accept contact name containing an URL
Don't accept subject containing an URL

bobbingwide commented 11 months ago

While testing in PHP 8.2 I got these deprecated messages

Deprecated: str_replace(): Passing null to parameter #2 ($replace) of type array|string is deprecated in C:\apache\htdocs\wordpress\wp-content\plugins\oik\includes\oik-contact-form-email.php on line 21

bobbingwide commented 11 months ago

Don't accept subject containing an URL

The improvement to bw_basic_spam_check() doesn't perform the check against the subject. This needs to be passed in the $fields array. Note: The Akismet check doesn't use this field.