SOLUTION for "site was hacked" !!!

[HelloKitty]

In the last few days, I had a lot of attacks on my website.
The single step registration works perfect, but the attacker are still there. That´s a lot of traffic and my cpu load get up to 90-100%.....:devil:

The solution is:

Put this code in your .htaccess!
Works perfect!


#Block pycurl bot
RewriteEngine on
RewriteCond %{HTTP_USER_AGENT} ^pycurl/ [NC]
RewriteRule .* - [F]

[Divisive Cotton]

But what does this code do?!

[graphicsguru]

that only helps it will not stop them 100%

its from Hackers using PyCurl to bypass registration

you can see some on the morons on Pligg Beta 9 / Upcoming

add them to your ban urls

[Peter]

Quote:

Originally Posted by graphicsguru

that only helps it will not stop them 100%

its from Hackers using PyCurl to bypass registration

you can see some on the morons on Pligg Beta 9 / Upcoming

add them to your ban urls

Thats scary, if pligg demo in developers site is like that, its a thing to get worried about.

Anyways, its seems as pligg is dieing, maybe its time to hire a programer, who knows.

Or developers are still here ?

Because it seems all questions are just get ingnored, no matter about what.

[graphicsguru]

NOT sure how the plidd demo members are submitting the stories simple sign up and post is my guess

NOT sure if the pligg demo has and mods my guess is NOT


I am using all the pro and member developed mods to help fight spam and splog

I am use the code above its not going to stop a retard from joining and making a post
Dream Day First Home Game Download At Palygame made one post today on my site its gone now banned

what I get is 2 to 5 signing ups that don't read my terms not pligg fault at all "we banned them all"

no way is anyone going to keep a successful pligg site bug free spam free by themselves

if you find them on the pligg demo its a 99.9% chance your going to see the same post on digg are you saying digg needs to hire new developers

[richrf]

Hi all,

I am quite confident that Bad Behavior, and standard, heavily used plugin in the Wordpress community, is an excellent solution to this problem. Bad Behavior is designed to stop all types of bots. Combined with Akismet, which is designed to stop manually entered spam, Pligg would have excellent protection. It is beyond me why the Pligg developers have never incorporated these simple protection mechanisms into the base product (at least the option to turn them on). It is impossible to have maintain a clean, heavily used site without these protections.

In addition, I would like to have the Google Safe Browsing API incorporated into the base application, in order to minimize Google blacklisted pages suspected of phishing and malware.

I would like to build a Pligg site on Links.com that will be designed to highlight new sites on the web, but I need to incorporate these APIs as well as a new skin before I can do it. If there is a developer who can take on this assignment, please contact me.

Rich

[juanmartinbravo]

Quote:

Bad Behavior is designed to stop all types of bots. Combined with Akismet, which is designed to stop manually entered spam, Pligg would have excellent protection.

Co-sign, don't know if it's something easy to do fro pligg (I guees it's not), but co-sign :)

[richrf]

Hi,

I briefly read the spec on Bad Behavior. I think it is straightforward enough that even I could do it, and I know practically nothing about Php programming. However, since I need to do a few things, I thought I would seek out an experienced Pligg developer and pay for it. I have a local guy, who is really sharp, and I will contact him. If I come up with a solution, I will share it with the group.

Rich

[Divisive Cotton]

Bad Behaviour is too strong a solution Rich - it can interfere with legit traffic

[richrf]

Hi,

Yes, it is true that Bad Behavior can stop some legit traffic - but very rarely. It is a compromise that needs to be made, for without it, the whole site goes down. I get about 2000 visits per day. I can't afford to have rubbish all over the place, so if a legit user is stopped every once in a while (it may happen once a month or so), it is the compromise I have to make. Without it, for me, Pligg is totally useless. Every blogger makes their own decisions, since the Wordpress Bad Behavior is a plugin. Most successful blogs, with high traffic, need to use Bad Behavior or an equivalent. It is unfortunate that the Pligg development team does not understand yet, that no Pligg site can be highly successful without top of the line spam protection. It is like building an expensive mansion without a lock on the front door.

I have a developer working on the problem right now. If it works, will share it with other users.