如何防止Magento中的垃圾邮件评论 [英] How to prevent spam reviews in Magento

问题描述

我们在Magento商店中看到了许多垃圾邮件产品评论.我最近安装了Fontis reCaptcha扩展程序，以将reCaptcha表单添加到评论表单.在我所有的测试中，这都很好. 真实"用户必须填写reCaptcha部分才能提交表单.但是，这并不能解决问题.我们仍在收到垃圾邮件评论.有趣的是，这些垃圾评论也没有星级.不知何故，这些垃圾邮件机器人可以在没有所有必需信息的情况下提交评论，并且可以完全规避reCaptcha代码.关于如何解决此问题有任何想法吗?

We have been seeing a number of spam product reviews in our Magento store. I recently installed the Fontis reCaptcha extension to add a reCaptcha form to the reviews form. In all my testing, this works great. A "real" user can't submit the form without filling out the reCaptcha portion. However, this hasn't fixed the problem. We are still getting spam reviews. Interestingly, these spam reviews also don't have a star rating. Somehow, these spam bots are able to submit a review without all the required information and completely circumventing the reCaptcha code. Any thoughts on how I can fix this?

我还尝试创建一个简单的脚本，该脚本将表单字段提交给表单的操作URL进行审阅，以尝试绕过逻辑(请参见下文).我要么无法正常工作，要么根本无法完成工作，但是我总是被重定向到请启用cookie"页面.

I also tried creating a simple script that would submit the form fields for a review to the form's action URL in an attempt to bypass the logic (see below). I am either unable to get it to work or it simply can't be done, but I always get redirected to a "Please enable cookies" page.

<?php
$curl_connection = curl_init('http://my.domain.com/review/product/post/id/2587/');

curl_setopt($curl_connection, CURLOPT_CONNECTTIMEOUT, 30);
curl_setopt($curl_connection, CURLOPT_USERAGENT, "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)");
curl_setopt($curl_connection, CURLOPT_RETURNTRANSFER, true);
curl_setopt($curl_connection, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($curl_connection, CURLOPT_FOLLOWLOCATION, 1);

$post_data = array();
$post_data['ratings[5]'] = '21';
$post_data['nickname'] = 'mynick';
$post_data['title'] = 'my title';
$post_data['detail'] = 'My Review Content';

$post_items = array();

foreach ( $post_data as $key => $value)
{
    $post_items[] = $key . '=' . $value;
}
$post_string = implode ('&', $post_items);

curl_setopt($curl_connection, CURLOPT_POSTFIELDS, $post_string);

$result = curl_exec($curl_connection);

echo "Curl Info:<br><pre>";
print_r(curl_getinfo($curl_connection), true);


curl_close($curl_connection);

echo "<br>Result:<br>" . htmlentities($result) . "</pre><br>";
?>

推荐答案

我最终在Fontis reCaptcha扩展程序中实施了Akismet反垃圾邮件代码，这似乎消除了所有垃圾邮件评论.机器人可以以某种方式绕过reCaptcha检查.我仍然没有弄清楚如何做，但是我想这就是将黑客与像我这样的人区分开来的原因，只是试图保持网站的正常运行.

I ended up implementing Akismet anti-spam code into the Fontis reCaptcha extension and this seems to have eliminated all Spam reviews. Somehow, bots are able to get around the reCaptcha check. I still haven't figured out how, but I guess that's what separates the hackers from guys like me just trying to keep a site up and running...

这篇关于如何防止Magento中的垃圾邮件评论的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！