Score:0

Drupal

How can I stop Webform Spam?

Dorian Winterfeld

3/22/23, 9:39 PM

We are getting spam from a simple Contact Us webform. We are running Drupal 7, using the Captcha and Honeypot modules. The Captcha challenge is set to image and the Honeypot time limit is set to 4 seconds and in enabled for all webforms. But we recently started to get spammed at the rate of 4 or 5 posts per minute, all from different gmail or ru addresses. For the time being we unpublished the offending webform. Does anyone have advice on what else we could try?

169

0 + 0

webforms

captcha

Score:2

Drupal

Lambic

3/22/23, 9:49 PM

Here are some things to try

Set the honeypot element name to something else
Set submission limits by ip address on the webform
Set submission limits by cookie on the webform
Try reCaptcha v3 if you're still using an older style Captcha

The downside to submission limits is that people on shared computers/networks might get blocked, and if you use a cookie then you have to deal with cookie legislation.

The downside to ReCaptcha is you're letting Google decide who the spammers are. May not be a downside depending on your views toward Google.

0 + 0

No Sssweat

3/22/23, 10:11 PM

Try `reCaptcha v3` from my experience, it doesn't work well. I found v2 to be more effective (<- I'm talking about the Google Captcha version and not the Drupal module version). **PS:** Don't forget to checkmark `Enable fallback for browsers with JavaScript disabled` in the ReCaptcha module settings.

sonfd

3/23/23, 4:46 PM

Another thing I’ve used with some success is the [Antibot module](https://www.drupal.org/project/antibot). Though it does require javascript be enabled.

berramou

3/24/23, 9:58 AM

this module is helpful too https://www.drupal.org/project/webform_spam_words

Score:1

Drupal

Rainer Feike

3/24/23, 11:25 AM

I use the backend of https://www.stopforumspam.com/ together with honeypot very successful. But you have to check if the SFS metrics match your user risk profile.

Not sure if there's a module but here's my code if you like to copy paste and play with it...

  /**
   * @param $ip - ip or ip[]
   * @param $name - name or name[]
   * @param $email - mailadr or mailadr[]
   *
   * @return float|int - the average spam confidence of api.stopforumspam.org
   */
  public static function checkStopForumSpam($ip, $name, $email) {
    $client = Drupal::getContainer()->get('http_client');
    $endpoint = 'https://api.stopforumspam.org/api';
    $names = $mails = [];
    if (is_array($name)) {
      foreach ($name as $n) $names[] = urlencode($n);
    } else {
      $names[] = urlencode($name);
    }
    if (is_array($email)) {
      foreach ($email as $n) $mails[] = md5($n);
    } else {
      $mails[] = md5($email);
    }
    $postdata = [
      'form_params' => [
        'username' => $names,
        'emailhash' => $mails,
        'ip' => $ip,
        "badtorexit",
        "json",
        "unix"
      ],
      'headers' => [
        'Accept' => 'application/json',
      ]
    ];
    try {
      $response = $client->post($endpoint, $postdata);
      $response_data = json_decode((string) $response->getBody(), TRUE);
    } catch (\Exception $e) {
      $response_data = [];
      $response_data['success'] = 0;
      Drupal::logger('asdentbase')->error('stopforumspam exception '.$e->getMessage());
    }
    $confidence = 0.0;
    $conficount = 0;
    $confimax = 0;
    array_walk_recursive($response_data, function ($v, $k) use (&$confidence, &$conficount, &$confimax) {
      if ($k == 'confidence') {
        $confidence += $v;
        if ($v > $confimax) $confimax = $v;
      }
      if ($k == 'value') {
        $conficount++;
      }
    });

    $sumconfi = $conficount == 0 ? 0.0 : $confidence / $conficount;
    if ($confimax > 80) {
      if ($sumconfi < $confimax) $sumconfi = $confimax;
    }


    return $sumconfi;
  }

0 + 0