Spammers submitted hundreds of forms recently

bobbingwide / oik

OIK Information Kit

https://www.oik-plugins.com/oik-plugins/oik

GNU General Public License v2.0

2 stars 0 forks source link

Spammers submitted hundreds of forms recently #221

Open bobbingwide opened 1 year ago

bobbingwide commented 1 year ago

Just recently I started receiving a spate of spam submissions.

The general format of the submission was:

contact name: contained an URL email: was a gmail address subject: contained an URL message: was blank

Also:

The honeypot field was left blank, as expected
the nonce was correct.
the IP addresses changed between submissions
In my email client quite a lot of the emails were marked as Junk, but others remained in the Inbox

Workaround

I removed the contact form from the page.

bobbingwide commented 1 year ago

Proposed solution

Don't accept contact name containing an URL
Don't accept subject containing an URL

bobbingwide commented 1 year ago

While testing in PHP 8.2 I got these deprecated messages

Deprecated: str_replace(): Passing null to parameter #2 ($replace) of type array|string is deprecated in C:\apache\htdocs\wordpress\wp-content\plugins\oik\includes\oik-contact-form-email.php on line 21

bobbingwide commented 1 year ago

Don't accept subject containing an URL

The improvement to bw_basic_spam_check() doesn't perform the check against the subject. This needs to be passed in the $fields array. Note: The Akismet check doesn't use this field.