edpudol is absolutely correct. It would appear they are using PyCurl or some other method to entirely bypass CAPTCHA.
__________________ - Informed Networker - Social News for Network Engineers and System Administrators.
If they are using a legitimate bot and behave like a robot, then we can stop them by disallowing them from robots.txt.
Correct; unfortunately, it is unlikely that a spammer will act like a legitimate robot. Additionally, while it may quash this particular spammer, there is the larger issue of the ability of a spammer/hacker to insert unwanted data into our db through the user.php page. I am sure the Pligg developers will be able to quickly implement a method that disallows outside sources from simply adding materials. David.
That little math quiz I added seems to have worked. No new spammer registrations since the change. If they can't solve 8 + 1, they're not registering on luxa.org. Deleting the spammers was a breeze in phpMyAdmin. I may change up the quiz once in a while, along with the form field name. On a side note, I don't use CAPTCHA, and my registration process is only one step. Hit 300 legitimate members today. :)
I got whacked today while I was at work. I was able to delete the comments but not the users from the admin panel. I am using katlis' math hack right now until a better fix gets posted. I have saved all the deleted data if anyone is interested in comparing.
Had the same problem yesterday. I deployed the setup email registration confirmation, which has been recommended by others. http://forums.pligg.com/pligg-mods/4...il-v0-1-a.html Funny thing now that I think about it though: the moment I deployed this, the new accounts and spam stopped completely, which was great. It makes sense to me that this stopped the problem. But shouldn't this only prevent the spambot from using the accounts it created? Shouldn't the accounts the bot is trying to create still appear in the user management area of admin? Maybe I am having a "duh" moment and overlooking something obvious. I tried creating a new account though and not confirming it, and it does appear there. I don't know, but I do know the bot is still hitting the site repeatedly; I am logging tons of unique hits due to this even though the spam problem has stopped. I guess we all have to try and work on how to stop this bot, because it is going to throw everyone's traffic and bandwidth records way off. It won't be as simple as an IP block though, since this bot uses a different IP with each hit, it appears...
It seems - although I wasn't paying a great deal of attention - as if each account only posted 1-2 comments and then got discarded... presumably in case there is some kind of flood protection... so, once you change your register page - problem solved. It IS disconcerting though and I certainly hope that anti-spam verification becomes part of core Pligg functionality because it seems to be in the firing line now... which isn't to say that the mods aren't appreciated and useful, it simply seems Pligg is of the age when these types of precautions aren't optional anymore. Again, thanks to people for the advice - I just finished clearing out the 300+ spammers from the database... I'm really glad that I was around when this happened or there'd likely have been thousands of them. Definitely good to see people banding together against adversity. I just hope that Pligg doesn't become a punching bag for the Eastern Bloc hacking community.
The new captcha options module is a good idea, but as davemackey says, assuming the article about pyCurl is correct, none of the captchas will prevent pyCurl being used to hack user.php directly. Will there be a security patch released for user.php?
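
The posts above turn on one point: a scripted client can POST to the registration handler without ever rendering the form, so a challenge only helps if the handler itself enforces it. The following is an added example, not Pligg's code and not katlis' hack, written in Python rather than Pligg's PHP; the function names `issue_challenge` and `verify_registration` and the form fields `token` and `answer` are assumptions. It turns the math quiz into a signed, expiring, single-use challenge that is checked before any database write.

```python
import hashlib
import hmac
import secrets
import time

SECRET = secrets.token_bytes(32)  # assumption: per-site secret, never sent to clients
MAX_AGE = 600                     # seconds a challenge stays valid
_used = set()                     # redeemed nonces (use a shared TTL store in production)


def _sign(nonce, issued, answer):
    msg = f"{nonce}:{issued}:{answer}".encode()
    return hmac.new(SECRET, msg, hashlib.sha256).hexdigest()


def issue_challenge(now=None):
    """Return (question, token) for the registration form's hidden field."""
    issued = int(time.time() if now is None else now)
    a, b = secrets.randbelow(9) + 1, secrets.randbelow(9) + 1
    nonce = secrets.token_hex(8)
    return f"{a} + {b}", f"{nonce}:{issued}:{_sign(nonce, issued, a + b)}"


def verify_registration(form, now=None):
    """Run in the handler before any database write. Returns (ok, reason)."""
    now = int(time.time() if now is None else now)
    parts = form.get("token", "").split(":")
    if len(parts) != 3:
        return False, "missing token"  # POST sent without ever loading the form
    nonce, issued, sig = parts
    try:
        age = now - int(issued)
    except ValueError:
        return False, "missing token"
    if not 0 <= age <= MAX_AGE:
        return False, "expired"
    if nonce in _used:
        return False, "replayed"
    _used.add(nonce)  # burn on first attempt so the answer cannot be guessed repeatedly
    expected = _sign(nonce, int(issued), form.get("answer", "").strip())
    if not hmac.compare_digest(expected.encode(), sig.encode()):
        return False, "wrong answer"
    return True, "ok"
```

A bot that fetches the form and solves the sum still gets through, so this only raises the cost per account; it does guarantee that a blind POST to the handler creates nothing.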
OK, this is crazy. The bot has managed to disable my option to delete the comments. Both albumotes.com and flickvotes.com do not have the check box to delete the comment. I have tried with all three themes, including yget. Ash, Chuck, is this possible? Because the admin options are simply gone. blogengage.com was safe because I edited and added the mods you suggested immediately.
Last edited by bbrian017; 12-12-2007 at 06:08 PM.