From the log files, looking for / fr / contact us (part of the URL of the support request page, check your URL) it becomes clear that a bot with IP xxx.xxx.x55.29 and xxx.xxx.x55.29 is sending continue contact requests. We can also check where the attack really comes from (there are many services available on the WEB) for example: https://www.tcpiputils.com/
If you are a masochist and do not have PLESK or other control panel of your service you can download the log file locally and use the glogg utility to search within the same file. I admit I learned just by struggling with insufficient resources and in periods where every single MB cost as much as a month's salary, but if your aim is to do business online with your ecommerce I will never get tired of saying it: do not skimp, because you you will regret.
All that remains is to block the two IPs to do so we have various options to use one of the many modules available for PrestaShop such as " Block Bots / Users based on IP, Country or User-Agent " or to modify the .htaccess file this more complex operation, let's see an example :
WE INSERT AFTER THE LINE:
# ~~ end ~~ Do not remove this comment, Prestashop will automatically keep the code outside this comment when .htaccess will be generated again
THE FOLLOWING DIRECTIVES :
SetEnvIf Remote_Addr XXX.XXX.X55.31 bad_user
SetEnvIf Remote_Addr XXX.XXX.X55.29 bad_user
Deny from env = bad_user
ErrorDocument 403 /error403.html
That is the IP that we want to exclude, in this way you will receive the 403 error page: access denied. We can also decide to redirect traffic elsewhere. In the case In the example (which is a real case anyway) the SPAM came from South Africa. Alternatively we can also choose, if we do not market in that state and have no plans to do so in the future, to block all traffic from that country.
To exclude a country we must use the international acronym that identifies the same in the case of South Africa is ZA therefore:
SetEnvIf GEOIP_COUNTRY_CODE ZA bad_user
Deny from env = bad_user
ErrorDocument 403 /error403.html
Note : the ban for coutry requires mod_geoip to be active on your hosting.
To keep everything safe: once the IPs responsible for SPAM are banned, you will automatically no longer receive any. But it is always better to be safe than sorry as if the bot changed IP automatically the problem would reoccur, so it is advisable to directly enter a reCAPTCHA in the PrestaShop contact form. Also for this there is an excellent Add Google reCAPTCHA to store forms module developed by InnovaDeluxe. It is important to update to the PrestaShop version, on some older versions even adding a reCAPTCHA filter will not solve the problem.
If you ask yourself why not limit yourself to simply inserting the r eCAPCHA , the reason is very simple. These Bots do not check the outcome of the sending, so the automatic program would continue to try to send the SPAM consuming resources because at each sending our SERVER will process the request. By banning IP we will therefore consume fewer resources, leaving them available for that quality traffic that brings us conversions.
NOTES : much more serious and annoying is when the " SEND TO A FRIEND " module is targeted, which I recommend to uninstall completely, it is not enough to deactivate it. A bot that uses this module can lead you to the temporary suspension of the email account you have configured in prestashop up to a ban on the IP of your server. So if you receive many failed delivery in your mailbox that you use for your e-commerce, correct them immediately.