Jump to content
valquiria23

reCAPTCHA addon recommendation

Recommended Posts

Hi all,

What addon of reCAPTCHA do you recommend installing for an oscommerce EDGE version prior to Frozen?

Kiss

Valqui
 


Setting up a new Frozen site with so many nice addons available on the market. 

The Phoenix Club won't allow me to join - why not?

:heart: Community Oscommerce fan :heart:

 

Share this post


Link to post
Share on other sites

Hello ,

I see that @Demitrypublished an addon in the market. Somebody tried it and can you tell me about his experience?

Best regards

Valqui


Setting up a new Frozen site with so many nice addons available on the market. 

The Phoenix Club won't allow me to join - why not?

:heart: Community Oscommerce fan :heart:

 

Share this post


Link to post
Share on other sites

what's the link to the addon? I don't think there really is something acceptable to use.

Share this post


Link to post
Share on other sites
22 hours ago, valquiria23 said:

What addon of reCAPTCHA do you recommend installing for an oscommerce EDGE version prior to Frozen?

Recaptcha is googles method of protection. I'm not aware of an addon for the latest Recaptcha version, though there may be. You might want to use the Honey Pot addon instead.

Share this post


Link to post
Share on other sites
20 minutes ago, Hotclutch said:

what's the link to the addon? I don't think there really is something acceptable to use.

https://apps.oscommerce.com/f2UI4&recaptcha-2-form-validation-for-bs-edge


Setting up a new Frozen site with so many nice addons available on the market. 

The Phoenix Club won't allow me to join - why not?

:heart: Community Oscommerce fan :heart:

 

Share this post


Link to post
Share on other sites
2 minutes ago, Jack_mcs said:

Recaptcha is googles method of protection. I'm not aware of an addon for the latest Recaptcha version, though there may be. You might want to use the Honey Pot addon instead.

Hi, @Jack_mcs

My hosting blocked the mail () function of PHP and it asks me to install reCAPTCHA to be able to activate it.

The hosting asks me that the new configuration of the contact forms in our services when sending emails from PHP will be through the SMTP protocol.

What function does OSCOMMERCE EDGE use to send emails?

Best regards

Valqui


Setting up a new Frozen site with so many nice addons available on the market. 

The Phoenix Club won't allow me to join - why not?

:heart: Community Oscommerce fan :heart:

 

Share this post


Link to post
Share on other sites
4 minutes ago, valquiria23 said:

What function does OSCOMMERCE EDGE use to send emails?

It uses the function configured in php, which is the mail function. SMTP is usually used on a Windows server. There is a setting in admin->Configuration->Email Options where you can change that.

I don't think your host is saying you have to use Recaptcha. I think they are saying your contact us form was found to be sending out spam and it has to be fixed. Recaptcha is the most-often recommendation hosts make. We do this with our hosting members. If an account is found to be sending out spam, they are told to either fix the script, usually Contact us or Tell A Friend, or to remove those options from their site. That is probably the case for you though you would need to ask your host to be sure.

Share this post


Link to post
Share on other sites

Dear, @Jack_mcs

I have a linux server, is changing the setting in admin->Configuration->Email to  SMTP going to work? or do I need to make changes the code and correct it tu use SMTP so that it does not use the mail () function?

Yes, spam was sent from the Contact us form and the mail () function was blocked, now no form works :(

I think that installing reCAPTCHA will be the easiest solution, what do you think?

Best regards

Valqui


Setting up a new Frozen site with so many nice addons available on the market. 

The Phoenix Club won't allow me to join - why not?

:heart: Community Oscommerce fan :heart:

 

Share this post


Link to post
Share on other sites

You can safely change that setting and then try sending an email from admin->Tools->Send Emails. I've seen sites where changing it caused the mail not to work and others where it didn't make a difference.

You could install the phpMailer. I don't know how much needs to be changed for it to work in a Frozen shop but it does work fine once installed.

Honeypot is an easier install than Recaptcha, in my opinion, but whichever you prefer should satisfy your host.

Share this post


Link to post
Share on other sites

OK, it turns out that the site is very old (osCommerce 2.2-MS2). I'm going to have to migrate it to EDGE or Frozen very soon.

While the hosting enabled me the mail () function again.

Thanks to all who answered me.

Best regards

Valqui


Setting up a new Frozen site with so many nice addons available on the market. 

The Phoenix Club won't allow me to join - why not?

:heart: Community Oscommerce fan :heart:

 

Share this post


Link to post
Share on other sites

It's not clear that CAPTCHAs or reCAPTCHA do more good than harm. Bots have gotten so good at processing them that you can say that a CAPTCHA is more likely to exclude a human than a bot! If such challenges are going to do any good, they will need to look at how the puzzle is solved (including timing and minor mistakes) to see that it's a human and not a perfect bot. Of course, bots will then be modified to look more like humans in how they work the puzzle... In the end, the behavior once "inside the gates" will have to be monitored to detect bots and/or spam content being sent, rather than trying to keep bots out.

Share this post


Link to post
Share on other sites
4 hours ago, valquiria23 said:

OK, it turns out that the site is very old (osCommerce 2.2-MS2). I'm going to have to migrate it to EDGE or Frozen very soon.

Honey Pot will run on the old versions. It just needs a few more changes. Spammers can't get by it on the contact us page because it uses php to check the emails. You should install something on your contact us page unless you will be upgrading very soon because the spammers will keep coming.

Share this post


Link to post
Share on other sites

Will "Slide to Submit" work with a screen reader, or someone with dexterity problems who can't use a mouse? There are all sorts of visual puzzles and whatnot meant to confound a bot, but many of them exclude handicapped users, too. In some situations that will actually be illegal discrimination! So, be careful using such CAPTCHAs.

Share this post


Link to post
Share on other sites
On 3/14/2019 at 11:00 AM, valquiria23 said:

I have a linux server, is changing the setting in admin->Configuration->Email to  SMTP going to work? or do I need to make changes the code and correct it tu use SMTP so that it does not use the mail () function?

Yes, spam was sent from the Contact us form and the mail () function was blocked, now no form works

The method used to send mail (mail function or SMTP) has no direct bearing on spamming. The spammer was using some function (Contact form) further up the food chain to generate the spam. It is irrelevant whether PHP mail() or SMTP was used to send it out, unless your host has some sort of spam-blocking implemented for one but not the other. That could be why they asked you to switch to SMTP, or it could be for some entirely different reason (you should ask, just to know what's going on). Anyway, the spam-blocking (some sort of CAPTCHA or other anti-bot challenge) needs to take place in your application where the spammer is operating, such as at the Contact form, before it gets to the mailer. Simply changing the mailing method from mail() to SMTP will do nothing to control spam from your Contact form (although your host may then be able to intercept spam). And as mentioned before, reCAPTCHA is a specific, widely-used anti-bot CAPTCHA, but it's not the only game in town. If your host demands reCAPTCHA specifically, they're idiots and you need to find a new host.

By the way, it's well known that CAPTCHAs are almost useless today, as bots have gotten so good at using them, so don't expect miracles (especially with any widely-used one such as reCAPTCHA, which hordes of bots can crack). Also, you may notice that reCAPTCHA images are heavy on recognizing vehicles, traffic signals and signs/markings, street signs, crosswalks, pedestrians, and the like -- it's widely suspected that Google is using reCAPTCHA to train its AI  for self-driving cars (and you're not being paid for your participation).

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×