Jump to content

cables24h

Members
  • Content count

    197
  • Joined

  • Last visited

1 Follower

Recent Profile Visitors

727 profile views
  1. cables24h

    HoneyPot Captcha

    At the end.............. You go figure it all have to do with it. That you are doing THAT ( so what you do). There is much room open for many others to tackle that. To goal is to prevent. To monitor ( what means storing form $_POSTS................ mwaaaaaaaaaaa , i think that is a most unwanted subject of the cause). At the end............ if it is HoneyPot, a GUARDIAN SYSTEM, or google reCaptchaV2 or google reCaptchaV3 ( you tried v3?). osCommerce users simply do not like to be spammed. If put that first and can agree on that. That would might be a step forward for the whole community.
  2. cables24h

    Generated link Concept

    You figured it.......... good someone sees it.
  3. Sorry................ i cannot . Let me trow up an idea and let YOU and the rest either give it a go... or reject it by good argumentation. We use in oscommerce for all links: - tep_href_link What if use for the above listed pages: - tep_gen_href_link ( where _gen means: Generated link) So if DIRECTLY goto contact_us.php and there is no KEY provided that matches. You already know it is a bot. Give it a thought. I not say it go cover all problems. Now i really stop.
  4. cables24h

    HoneyPot Captcha

    Let me go back to what i was actual saying... get rid of a static page like: - create_account.php - contact_us.php - tell_a_friend.php - product_reviews_write.php These are the pages targeted by bots. These are the least interesting pages to show up in search engines. And when eliminate these, it "perhaps" prevent most of the BOTS. For sure , any protection could benefit your store. But i think it is better to look at the root of the problem. By given advice, i step out of this conversation.
  5. cables24h

    HoneyPot Captcha

    I not want to be a game breaker here. But for the address part, google seemed to took care of it as well. Google: Autocomplete Address Form I just want to point out that most of the problems are covered in so much ways and by so much people and company who offer solutions. I perhaps stirred the pot a little here. But i think in the end it the discussion was worth it. I definitely noticed that what i mentioned gave some second thoughts. Nothing of what i Sayed was to hurt anyone in one way or the other, or try to let them look bad. I think with what i told, opened doors to other views. There is a real difference in running a shop or a forum or a blog. I understand , the quicker the process, no burdens in registration etc, could make the purchase of an item quicker. But it is good to talk about it, and even more........... to listen what the other say or try to understand I excuse to anyone who felt or thought i was or that i am a disturbing factor.
  6. cables24h

    HoneyPot Captcha

    No need to Noodle. What is say is right. Your DB MIGHT be flood. Who cares if it is a legit user or not. He never buy anything. Remove them from DB, no need of them. Even the "legit ones"............. they not buy. Useless. Drop them. A serious problem is the "contact_us.php" for a SHOP OWNER. That is kind of pages should be somehow be protected.
  7. cables24h

    HoneyPot Captcha

    Is it not here where it all starts from? As soon when fill the form, osCommerce instantly log you IN. Right? you can put anything you want in the registation and it it is accepted. WORSE........... you are instantly logged.......... right? Do not blame me here as the MESSENGER.
  8. cables24h

    HoneyPot Captcha

    Stupid argumentation You not VERIFY anything. The address of the user is not verified. for THAT NO legitimacy is conserved during the register process. ( this could be blamed to osCommerce itself or to module makers who chosen to cover this kind of failure) Not a legit resource to start with.
  9. cables24h

    HoneyPot Captcha

    Here there is a compromise. Now it is the job to put it in oscommerce with a click and GO. reCaptcha is there. HoneyPot is there. How can put in in osCommerce without change a single line of core code? What is need to allow BOTH kind of protection into osCommerce and keep EACH as an individual module, still............ somehow..... ( not osCommerces problem), work together. All the others seem to manage THAT. Just NOT osCommerce.................. how is that?
  10. cables24h

    HoneyPot Captcha

    So much lost souls (here). Completely out of reality. I wait for the first person saying using the internet affect global warming. It might not be said here............. i not doubt it is mentioned somewhere else. It might just go take some ............. To who i talking? The mixture of just some peep who own a shop.......... a mixture of someone who is just likes coding? ( for sure talented in some way) But their is a real lack of thinking going on here............ Their are billion worth company's DOING what is been discussed here. I think should now your position in it. my 5cents for today. ( hey........... i do not have to bring good news)
  11. cables24h

    HoneyPot Captcha

    The internet is not SWEDEN ( it is a lost continent already btw)
  12. cables24h

    HoneyPot Captcha

    Why people who using the code, post it is override? How is that happen? The technique is known by the bots. So are the pages where they fire on. There is the real prob, it is an invitation. Keep in mind.......... i RESPECT the effort. But when a company like google that have millions to spend............. Let it go in your mind. I not say ,one cannot be unique.
  13. cables24h

    HoneyPot Captcha

    Put a list what they complain about. I am curious.
  14. cables24h

    HoneyPot Captcha

    Perhaps should list why you are attacked. If something in your website reference to something like "osCommerce". You are simply on the list of the attacker. That's all. Static pages "login.php"/"register.php"/"contact_us.php"/"account.php" these are first to attack.
  15. cables24h

    HoneyPot Captcha

    one question to the dev's and users. Does google's reCaptchaV2 or even reCaptchaV3 not prevent current registration issue's, or contact_us? Use it, does not prevent you from storing milancious [ sorry for not phrase the word correctly] users/ip's. Honeypot concepts are outdated and widely covered in reCaptcha. What is the extra? I just wonder.
×