Support » Plugin: Give - Donation Plugin and Fundraising Platform » Many pending or abandoned donations – probably spam?

  • Resolved dekkydog

    (@dekkydog)


    Hi there,
    I recently launched a site called https://peoplestarter.co (A few months ago). Its a philanthropic project with the aim of stimulating project collaboration between ordinary folk.

    I installed and set up the Give donations plugin just using the standard Paypal setup (Very easy) I am also running the very latest version of the plugin. I recently logged in to the site and to my surprise I noticed there are about 150 donations! (All at the set minimum of Β£5.00). Most of these are in an “Abandoned” state and about 30 are in a “Pending state”.

    I am pretty sure these are ALL SPAM entries. Especially when I know that I have yet to publicise the site in anyway…yet! And I have little users to speak of.

    Q) I noticed in (Settings / Advanced / Advanced Options) of the plugin you can tie Give with Akismet anti-spam service. How effective is the Akismet option? Are there any drawbacks?

    Any help would be appreciated.

    Many thanks in advance πŸ™‚

Viewing 7 replies - 1 through 7 (of 7 total)
  • Plugin Author Matt Cromwell

    (@webdevmattcrom)

    HI @dekkydog

    Spam donors can be problematic, it’s most likely emblematic of your site being targeted more broadly, so taking appropriate security measures (like with a WAF, CDN security, etc) would be adviseable.

    The Akistmet integration is helpful for sure. Please try that first.

    If that doesn’t help, then I’ve put together a plugin that goes a bit further. You can download it here: https://github.com/mathetos/stop-signup-spam/archive/master.zip — Just activate it and it works, no settings at all.

    Let me know how that goes for you overall.

    Thanks!

    Hi Matt,
    thanks for getting back to me so quickly. Yep I’m already using a WAF and various other security measures.

    Will check out yer plugin and Akistmet and see which performs best in my setup.

    Appreciate the help πŸ™‚

    Cheers

    Plugin Author Matt Cromwell

    (@webdevmattcrom)

    Happy to help!

    If you’re enjoying Give and appreciate our support, we’d love a kind review from you here:
    https://wordpress.org/support/plugin/give/reviews/

    Thanks!

    Reviewed πŸ™‚

    dekkydog

    (@dekkydog)

    Hi Matt,
    I am now using Akismet to help filter bogus donations – It is helping in part. However, I am still getting plenty of bogus entries? The emails seem legit but the name field entries are clearly from a bot. They all look like this:

    First Name: 5a629762894a9
    Last Name: 5a629762894f2

    Although https://github.com/mathetos/stop-signup-spam/archive/master.zip is useful its not appropriate for my setup.

    What would be nice is to have a WP filter (that I can chuck in to functions.php) that checks the first and last name fields on the donation form for a random string of either numbers and letters exceeding 4 characters long?

    OR do any of your paid add-on’s prevent this from happening?

    Many thanks in advance πŸ™‚

    Plugin Author Matt Cromwell

    (@webdevmattcrom)

    Hi there,

    That’s very odd, but I’m assuming it’s because somehow your site has gotten targeted by ongoing bot-attacks.

    We don’t have other solutions than what you’ve listed. But honestly, the best solution would be the Stop Signup Spam plugin, but adding an additional check for the first/last names. Here’s roughly how that would go:

    1) See this issue here, where they are validating a field based on it being all letters only

    2) Update this function to make the donation fail if it fails that check above: https://github.com/mathetos/stop-signup-spam/blob/master/stop-signup-spam.php#L91-L106

    That would be my recommendation — but I don’t fully understand what you mean when you say the Stop Signup Spam plugin is “not appropriate for my setup”.

    Plugin Support Ben Meredith

    (@benmeredithgmailcom)

    Hi there!

    We haven’t heard back from you on this issue, so we’re assuming it’s resolved. Let us know if that’s not the case, and we’re more than happy to continue in helping resolve this.

    ​Thanks for using Give! Have a great day!

Viewing 7 replies - 1 through 7 (of 7 total)
  • You must be logged in to reply to this topic.