Security issue: Spam over /index.php/lists/XYZ/subscribe

Discussion in 'General discussions' started by p.am, Nov 19, 2018.

  1. p.am

    p.am New Member

    Joined:
    May 8, 2018
    Messages:
    7
    Likes Received:
    2
    S.E:
    Expired
    L.T:
    Extended
    L.C:
    1
    Hi,
    we have spam issues over a certain URL because it allows direct POST-Requests.

    The system has the ability to create subscribe forms. All these forms post their data to this URL: "/index.php/lists/XYZ/subscribe". The issue with that is, that bots easily mass-post email addresses to that URL and spam mails get saved to the database.

    The url "/index.php/lists/XYZ/subscribe" needs some type of spam protection like Google ReCaptcha or at least a honeypot.

    Please fix.
     
  2. twisted1919

    twisted1919 Administrator Staff Member

    Joined:
    Dec 27, 2014
    Messages:
    10,379
    Likes Received:
    2,411
    @p.am - recaptcha is already available in your app, enable and configure it.
     
  3. p.am

    p.am New Member

    Joined:
    May 8, 2018
    Messages:
    7
    Likes Received:
    2
    S.E:
    Expired
    L.T:
    Extended
    L.C:
    1
    Thank you.
    We did not know that ReCaptcha comes over an extension. After enabling and configuring everything works fine.
    Problem solved.
     
    twisted1919 likes this.

Share This Page