VP-ASP :: Shopping Cart Software

Shopping Cart Software Solutions for anywhere in the World

US/Canada(Toll Free): +1 888 587 2278
Europe/UK: +44 (020) 7193 9408
Australia/New Zealand: +61 3 9016 4497

VP-ASP Shopping Cart Customer Forum

Home | Profile | Register | Active Topics | Members | Search | FAQ
Username:
Password:
Save Password
Forgot your Password?

 All Forums
 VPCart Forum
 General help me questions
 Huge amount of SPAM in Reviews
 New Topic  Reply to Topic
 Printer Friendly
Author Previous Topic Topic Next Topic  

Mark Priest
VP-ASP Expert

United Kingdom
570 Posts

Posted - January 19 2007 :  09:40:34  Show Profile  Reply with Quote
Hi There,

We are seeing an increasing ammount of SPAM posts being posted for reviews of product accross all our stores.

I think something needs to be done to stop or reduce this immediately.

Firstly.

Do not allow the posting of HTML in reviews STRIP the code out.
Secondly, only allow registered users to review products. This makes sense anyway really.

Anyone else got any comments on this.

Regards,

Mark

elammers
VP-ASP Super User

USA
256 Posts

Posted - January 19 2007 :  10:33:13  Show Profile  Visit elammers's Homepage  Reply with Quote
I think there are many possible solutions to this and probably none are a global solution for everyone. So maybe we can all list various ideas here for different situations. I have seen weird spam type emails that look like they are attacking one of our carts' reviews system too.

SOLUTION #1 - block by IP
For that particular cart, the merchant only sold to US and Canada, and when I check the web logs, it looked like the attack was coming from various Asian countries like China and Taiwan. Therefore I simply edited the .HTACCESS file to deny access by IP of those specific areas. Helpful site to decipher IP locations: http://www.ip2location.com/free.asp



Regards,

Eric in Maine
Go to Top of Page

support
Administrator

4266 Posts

Posted - January 21 2007 :  03:39:58  Show Profile  Visit support's Homepage  Reply with Quote
Hi Mark,

In version 650 we have included a check to see if it is a bot adding the post or not. The user needs to type in the letters from the image to prove it a real person making the post.

Thanks
Cam

VP-ASP Support
Go to Top of Page

Mark Priest
VP-ASP Expert

United Kingdom
570 Posts

Posted - January 21 2007 :  18:48:23  Show Profile  Reply with Quote
Hi Cam.

Thats great, but I don't thin kits just bots, its actual people too, so other prevention measures would be good.

Eliminating HTML straight away would stop 99% of these posts, they only do it to link to other sites. and i dont see any reason to need to post HTML in reviews.

Regards,

Mark
Go to Top of Page

BILLCAT
Starting Member

USA
40 Posts

Posted - January 22 2007 :  12:52:11  Show Profile  Visit BILLCAT's Homepage  Reply with Quote
Cam

How do we activate the image encryption you mentioned above?

your said"The user needs to type in the letters from the image to prove it a real person making the post."

Thanks
Bill
Go to Top of Page

support
Administrator

4266 Posts

Posted - January 22 2007 :  16:39:48  Show Profile  Visit support's Homepage  Reply with Quote
We are working on making this a module currently for version 6093.

It will not unfortunately be available for earlier versions as it involves changes to too many core files as it affects not just reviews but also contact pages and really anywhere submissions can be made.

It will be available out of the box in version 650.

Thanks
Cam

VP-ASP Support
Go to Top of Page

Mark Priest
VP-ASP Expert

United Kingdom
570 Posts

Posted - January 22 2007 :  17:00:43  Show Profile  Reply with Quote
Hi Cam,

Thats great news.

Can anyone shed any light on the code to strip HTML from the posts, im sure this would be very easy to impliment.

Regards,

Mark
Go to Top of Page

BILLCAT
Starting Member

USA
40 Posts

Posted - February 01 2007 :  22:03:26  Show Profile  Visit BILLCAT's Homepage  Reply with Quote
I have added image verification to the reviews section of vpasp 6.093 and it seems to have stopped the spam reviews

see link below
http://www.essentialsbycatalina.com/shop/shopsreviewadd.asp?id=25

vpasp used captcha for the verification script and is available from their download area if you have a purchased copy of vpasp.

Note: That it only works with version 6.093 and will be part of the up and coming v6.50.

Also note : that the instructions from vpasp on istall is missing soem instruction, in additionif you have modified yoru original files you are best to manually copy the new code into your files instead of just replacing them with the update files you get viw the vpasp email.

Let me know if you have questions.
Go to Top of Page

Mark Priest
VP-ASP Expert

United Kingdom
570 Posts

Posted - February 09 2007 :  09:37:02  Show Profile  Reply with Quote
Can someone point me in the direction of the download, i cant find it.

Regards,

Mark
http://www.fireworkcrazy.com
Go to Top of Page

extremeskillz
VP-ASP New User

USA
94 Posts

Posted - February 09 2007 :  11:44:10  Show Profile  Reply with Quote
me neither.
Go to Top of Page

BILLCAT
Starting Member

USA
40 Posts

Posted - February 09 2007 :  22:53:39  Show Profile  Visit BILLCAT's Homepage  Reply with Quote
GOTO THE FOLLOWING LINK

http://www.vpasp.com/sales/addons600.asp

AND SELECT "CAPTCHA email form validation"

Enter your order # and email and they will send it to you via email within minutes, instructions are included. Remember if you have customized your cart and is now different from the original then it would be best to use a program like winmerge and migrate the changes from the captcha files you get from vpasp to your own files. I mean customized like you have changed the code inside the asp files, not talking about setting features in admin. If you have not customized the code then just copy the files vpasp send you over yours. Always a good idea to backup everything first.

In addition If you only want to add captcha to the reviews area then all you need to update is the shopreviewadd.asp file and the shop$db.asp . Ofcoarse you also need to upload the captcha folder vpasp sends you to your shop folder on the server. If you want captcha to work for all areas like contact us, tell a friend, etc then just do all the files they give you.

** The most important thing to remember is that the captcha will only work with vpasp version 6.093. If you want to wait for version 6.50, VPASP tells me it should be out in a couple of months and Captcha is already built in.

P.S. I am working on the extra code for captcha that will allow a customer to hear the code from their speakers, that way it will allow visually impaired persons to hear the code. That should also satisfy the other users out here that think captcha is wrong for us to use, just because they don't have a spamming problem and have the time to bring it up. The rest of us suffer with endless manual deleted of spam in our reciews. I have had no more spam reviews since i put in captcha.

Bill
Go to Top of Page

anathanson
Starting Member

31 Posts

Posted - November 10 2008 :  17:59:58  Show Profile  Visit anathanson's Homepage  Reply with Quote
Sadly, I'm noticing spam reviews coming in, even though we have 6.5 with captcha on. Anyone else experiencing this? I'm thinking that the spammers have either cracked the simple captcha in use, or it's a live spammer going in and posting. Seems automated though, always on the same product and usually the same time of day.

Any thoughts?
Go to Top of Page
  Previous Topic Topic Next Topic  
 New Topic  Reply to Topic
 Printer Friendly
Jump To:
Snitz Forums 2000