Hi there. I use payment form on my website. Till few days ago securitycheck was very efficient in blocking spammer bots to fill the form but lately there is one spammer (always same name with different prefix) who somehow fills the form few times a day and it is very annoying. Is there something I can do about it? I dont use captcha because it is annoying and your software did block spammers very good till this one.
Maybe now they are not including urls (the most common way to detect spammers) in form fields... Can you post (or send me to the email from which you receive forum notifications) an example of what are they posting?
I usually see spam in contact forms, not in payment forms... How does this payment form work? It creates an user in the system after the payment?
The payment form I use is just like contact form it just add payment and calculation of price funcionality:
I like it because people doesnt like to use registration because they forget password, username etc. It dosent create a user I just get the information to my mail, so unfortunately I dont receive the spammer email (just the one he enters in the form (with random nickname).
Usualy i get following string in Securitycheck when it blocks the spammer: Tags stripped from string (possible XSS attack) :[POST:comment]
but not for this spammer...
spammers usually try to add a link or other html code, and the XSS filter caught all of them. If someone is not using code in your form's fields it's really complicated to distinguish between a spam and a valid submission...
I asked you about the registration in your site because the spam protection module checks the username, IP and/or email against the stopforumspam database, but in this case this is not applicable.
Do you have the IP of the spammer? If so you can (geo)block it (if the extension doesn't store it you can check your server logs).
If this doesn't work we can try adding some common words to the second level filter, but this could give you more false positives.