Hi experts,
VirtueMart 3.0.18
Joomla 3.6
php 5.6
Recently our web site had hankered attack, he could register form without passe those required input ( like last name, first name, country etc) and just enter email/user name for successful registration,
see attached photo
After is our other user will receive those attack registratios to her emailbox, do someone has the same experience?
How could I resolve this problem?
thank you
Doubt this has anything to do with VM
They have access your your JOOMLA registration form and this is how they are registering
try https://www.florihana.com/en/?option=com_users&view=registration & https://www.florihana-usa.com/index.php?option=com_users&view=registration
I always redirect the joomla reg form to the VM form
Quote from: GJC Web Design on August 23, 2017, 16:51:28 PM
I always redirect the joomla reg form to the VM form
Interesting, how you do that?
quick and dirty way in over ride the templates\xxxx\html\com_users\registration\default.php
and add at the top
defined('_JEXEC') or die;
header("Location: https://www.xxxxx.com.au/{vm-reg-page}");
die();
could be done nicer with JRoute etc
:) :) :)
thank you GJC Web Design
So anybody could be easily register from Joomla Form through this URL: https://www.florihana-usa.com/index.php?option=com_users&view=registration
But I just wonder how it does happen for normal user to find this url to register cause the correct url should be:https://www.florihana-usa.com/create-customer-account.html
I means this should be still hanker case right?
or this could be real user go to registre case? ??? ???