or send us a message

Blocking spam bot customer registration

Written by: Tom Dollar, On: Thursday 4th January 2018

In the last few months there has been a huge effort by malicious spam bots to create customer accounts on Magento websites across the globe. The bogus accounts are very easy to spot – they contain advertising text and links within the name and address details in the hope that the email address they enter will then get visibility of their links.

In almost all the cases we’ve seen, the targeted email domain to receive these spurious comms is @mail.ru.

You can, and probably should add captcha to your registration forms, but some bots are able to spoof these and captcha is pretty rotten for your real users – especially on a smaller device.

So we’ve created a plug-in for Magento2 which will interrogate the account registration request and block it if the email address is from domain mail.ru or 163·com. It’s free to download and very easy to install.

You are free to modify it for your needs too. If you would like to block other email domain names from registering, simple open the file;


/app/code/PixieMedia/Emailcheck/Model/Plugin/Controller/Account/RestrictCustomerEmail.php


And edit line 57 like this;

Before:


$email = $subject->getRequest()->getParam('email');
        list($nick, $domain) = explode('@', $email, 2);
        if (in_array($domain, ['163.com', 'mail.ru'], true)) {


After...


$email = $subject->getRequest()->getParam('email');
        list($nick, $domain) = explode('@', $email, 2);
        if (in_array($domain, ['163.com', 'mail.ru','somedomain.co.uk','another.com'], true)) {


Happy coding!


FREE DOWNLOAD

Pixie Media

We are a Devon web design, ecommerce and branding agency, specialising in Magento eCommerce. With over 15 years experience, we offer complete digital solutions to clients across the globe.

Magento Business Partner
Pixie Media - Devon's first Magento Partner Agency
We Specialise In;