Feature Requests
Share ideas, discuss and vote on requests from other users in community
 

One-time verification to stop spam on ticket system

Anonymous shared this idea 5 years ago
Under Consideration

I believe this is simple and good solution for eliminate 100% of ticket spam:

1) whmcs receive new ticket

2) if the email come from a client, ticket bypass verification

3) if the email come from a unknown address, whmcs send a message back, asking to click on a link to verify if this is not a spam

4) if the link is clicked the ticket is accepted and the EMAIL is saved on a database table, so in the future is not necessary a new verification from the same email address.

With this, only messages from registered clients and click-verified emails will be accepted as tickets.

The verification only occur one time for unknown email address. Your customer with a non-registered email address wil perform the verification only one time.

This feature should be OPTIONAL on ticket system, and have a tool to delete old emails on database, example: delete all verified emails that not open a ticket on last 1 year - with this tool the table with "verified emails" will not grow forever.

As OPTIONAL feature on WHMCS.

Comments (6)

photo
1

support department settings:

Client only:

Clientarea Only:

Security settings:

captcha: on when not logged in.

Those should help you out.

photo
1

It's not really a solution as tickets can be created in various departments by someone sending an email, whether the email is spam or not.

photo
1

ospreyservers wrote:

It's not really a solution as tickets can be created in various departments by someone sending an email, whether the email is spam or not.
If you have it clients only then you know the person sending those emails, dont allow client register without purchase and you are unlikely to have a spam issue.

photo
1

3rd point is a good point when you don't want to limit your support only to your customers.

If you allow only your customers to open a ticket then you will lost many new customers who want to ask a question or clear a doubt.

photo
1

New customers can always email for information. This stops the script kiddies and saves the WHMCS security issues. God knows how many. This is by no means a fix, its a way to stop hacks. Thanks for the suggestions.

photo
1

Kunnu, the only new customers i have had in 3 weeks have signed up with false information and tried to test the hacks on WHMCS, i really don't care about new customers at this point in time, deleting fake customers is a waste of time for me.. Not to say, i don't want new customers, i am just fed up.. A total lockdown is what I'm trying to achieve at the moment, yet i still want a useful package. Seems a little impossible at the moment.,, But I'm still trying.. I have also tried IP blocks for most apart from some countries which i have customers from. But even script kiddies from the states try every day... Cheers