Dear Jose,for a few months I get some spam issues using the JSN Uniform extension for contact form.Using RE-CAPTCHA v2, INVISIBLE RECAPTCHA or SECURIMAGE don't change anything.Last week I got an EMail from my internet provider, telling me that my EMail account used for this extension has probably beeing hacked because it has been used for spam issues.This EMail account is ONLY used for the form answer and has a real complex password.Therefore I'm wondering if the module hasn't been hacked.Informations:PHP 7.4.11Joomla 3.9.23JSN Uniform 3.9.23I use SecurityCheck Pro to secure the site. I receive at twice a day a firewall issue to inform me that there are hacking trials. You'll find attached the log file from the firewall. You'll see there are issue about com_uniform module. Maybe this could help you.I keep all module up to date and block every IP address in firewall warnings but this don't change anything.I couldn't get any help from Joomlashine about the module, and don't know if there could be a solution to block these spam using Securitycheck.Thanks for your helpDenis
Last edit: 9 months 4 weeks ago by Jose. Reason: Remove attached file
it looks like if for each entry blocked by Securitycheck there is no mail received in JSN Uniform, so that's fine.
But I still receive some spam, neither blocked from Securitycheck nor from JSN Uniform with ReCaptcha activated.
You'll find hereafter the received spam Emails.
Regarding your last question, I got only once an alert from Securitycheck about a file modification, but it was a spam in which there was an attached file. No security issue found in this attachment. This was the first time I got this alert.
Cron is activated every 4 hours.
I changed also 2 parameters. Don't know if this was right ... (see screen copy).
Delete com_uniform from xss exceptions and replace "input a" for "a". This will filter all the emails with a href tag into it (almost 99% in my case).
However, if you're receiving only emails you should have not been warned by your hoster... Anyway could also ask them to configure DKIM and SPF policies in your email accounts as a way to prevent someone send emails with your accounts out of your domain.