Bots still subscribing even with reCaptcha

Hello,

I had about 30 bot subscriptions each day so i desactivate all subscription pages but 1, on which i installed the reCaptcha plugin and it seems to work.
But i still get bot subscriptions !

How can i track the problem ?
Is there a way to get the URL of the page used for subscription ?

Thanks !

T.

Hi

I have the same problem. The bots are still subscribing although there is now ReCaptacha, and even after I changed the list name, the subscribe notices still show the old name, but the emails are not actually subscribing when I look for them.

I blocked the bot IP in .htaccess file, in Cpanel and in Cloudflare, but still get notices. The Ip also changes, but still.

Example:

noelmutamba@outlook.com has subscribed

Subscribe page: 2
First Name = asd
Country =
Last Name = asasd
No user details changed

List Membership:

  • Pinot Noir Newsletter

What do you mean by this? Does the email address that you showed noelmutamba@outlook.com exist in the database?

I don’t know enough about recaptcha to know whether it is likely that bots can now circumvent it.

Hi @duncanc

Thank you very much for your help.

I think the bot people wrote the script some time ago, so now they still try to subscribe. Even though the emails are not in the database, I still get the notification that they subscribed.

One reason I think the subscription does not show in the database is that I changed the name of the list. In the notification, it still shows up as the old list name.

Another reason that the subscriptions do not show could be (I am guessing), because I blocked certain IPs in the .htaccess file in the phplist folder, with lines like:

Deny from 159.242.234.146

The problem now is more the unnecessary notification, than the actual fake subscription.

Thank you very much for your help.
Much appreciated.

@Turkey99 From what I can see, if the notification of a subscription is sent then the subscriber has been added to the database. Also, the list name shown should be the current name. The list name that is in the subscribe form does not appear to be used anywhere.

Use the Search subscribers page to try to find of the email addresses. They should exist but be unconfirmed.

The .htaccess file should block the page request before it gets to phplist. If you are receiving notifications then the subscriptions must be originating from a different IP address to those in the .htaccess file.

Hi $duncanc

Thank you again for your help.

Just to confirm:
• Even though the notification of subscription is sent to me, the subscriber is not on the subscription list or anywhere when I search
• The name of the list on the confirmation email that I receive every day is an old name for the list, not the current name. The number of the subscribe page is also not used anymore.
• The list name I showed in my example was for a name I made up as an example.

When I use the Search Subscriber page( I have downloaded your subscription plugin that also works great), the emails do not exist.

I understand that the IP can change, that is something I will just follow up with.

This is not a major thing at all, just weird. I think somebody’s bad bot script is messing with me.

Thank you for your help.

Hi

This might just be a security issue, that is why I am posting about it. I have this issue on two of our domains, where bots subscribe, and on the one domain where I changed the name of the list, the notifications still come through, although the emails are not subscribed.

image

@Turkey99 I don’t really understand what is happening. Can you give me access to your phplist? If so, then send a private message, click on my image, and let me have the URL and admin access details.

@Turkey99 Can you view the headers of one of those emails to see where and when they came from?