  #61 (permalink)  
Old 12-12-2007, 07:07 PM
New Pligger
Pligg Version: 8
Pligg Template: Kez
 
Join Date: Dec 2007
Posts: 14
Hi

I also faced the same comment spam problem. I deleted all comments from the MySQL Comments table, which were only 2300 :D

But on the home page, all of the CSS is messed up; it's in IE, but in Firefox it works perfectly.

Before any of you suggest that I stop using IE, I get over 70% IE users :)

Please have a look and help - site is Tagza: Social Bookmarking site / Published Stories

Last edited by itsonlychand; 12-12-2007 at 07:20 PM..
  #62 (permalink)  
Old 12-12-2007, 09:12 PM
New Pligger
 
Join Date: Apr 2007
Posts: 3
I am really angry now. I have two sites with pligg and I made everything on "true" to get no spammers on the sites. Damn, they made it. After having to reinstall both sites after the latest upgrade and losing the preview thumbs, it is the third thing which makes me wonder whether pligg is right for me.

Where is a mass-delete function, or at minimum a one-click admin button "Delete this comment"? The Delete Comments is only working when I comment the comment. Argh...

Markus

Deleting users manually is not possible; I did it for half an hour until I saw that nothing happened. Great. We should rename pligg to bugg.
  #63 (permalink)  
Old 12-13-2007, 08:31 AM
TobiParrot's Avatar
Casual Pligger
Pligg Version: Pligg beta 9.8.2
Pligg Template: Default
 
Join Date: Dec 2007
Location: UK
Posts: 45
Quote:
Originally Posted by TobiParrot View Post
The new captcha options module is a good idea, but as davemackey says, assuming the article about pyCurl is correct, none of the captchas will prevent pyCurl being used to hack user.php directly. Will there be a security patch released for user.php?
According to this article on Webmaster World:

PycURL/7.15.

it appears you may be able to block pycurl in .htaccess

Code:
#Block PycURL bot
RewriteEngine on
RewriteCond %{HTTP_USER_AGENT} ^pycurl/ [NC]
RewriteRule .* - [F]
Apparently it will still appear in logs, but with a 403-Forbidden.

I confess I haven't tried it :-)
  #64 (permalink)  
Old 12-13-2007, 12:07 PM
New Pligger
Pligg Version: None
Pligg Template: None
 
Join Date: Oct 2007
Posts: 3
Subscribe.......
  #65 (permalink)  
Old 12-13-2007, 02:48 PM
New Pligger
Pligg Version: 9.8.0
Pligg Template: custom
 
Join Date: Dec 2007
Posts: 10
getting killed by spam registrations too

We have a pretty high profile pligg site and we are getting killed by spammers as well. Today we will rename the register file. This is a simple but good temp fix, since the script that they are running is probably the same for all sites based on the out-of-the-box configuration. Right?

Our registration page has custom fields and we can't require email verification, so we are going to try the PythonCURL block that someone on here mentioned and hope that helps for the long term.

I hate to say it, but we were running fine with over a million visits until I listed us on pligg sites. It's unfortunate that things have to be like this because of a few J.A.s with enough knowledge to be dangerous.
  #66 (permalink)  
Old 12-13-2007, 02:57 PM
juicecowboy's Avatar
Casual Pligger
 
Join Date: Jun 2006
Location: San Jose, CA
Posts: 57
I put the .htaccess suggestion up. I'll let you know how it goes...

fingers crossed...
  #67 (permalink)  
Old 12-13-2007, 03:52 PM
juicecowboy's Avatar
Casual Pligger
 
Join Date: Jun 2006
Location: San Jose, CA
Posts: 57
1 hour passed with no comment spam. So far so good (.htaccess fix from above)
  #68 (permalink)  
Old 12-14-2007, 11:20 AM
Iceburg's Avatar
Pligg Donor
 
Join Date: Sep 2006
Posts: 77
Quote:
Originally Posted by juicecowboy View Post
1 hour passed with no comment spam. So far so good (.htaccess fix from above)
I added it last night as well, and this morning I came in to hundreds of failed e-mail messages (from the welcome mail) so either those were delayed, or the .htaccess fix didn't do it.
__________________
------------------------------------------------------
http://www.neweasyrecipe.com
http://www.feedthebull.com
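
An added example, not part of any post in this thread: a small Python script that reads Apache combined-format access-log lines and separates POSTs to register.php and user.php that were answered with 403 from those that were not, which is one way to settle the "delayed mail, or the .htaccess fix didn't do it" question above. The log lines, addresses and the `summarize` function are constructed for illustration.

```python
import re
from collections import Counter

# Apache "combined" format: ip, identd, user, [time], "request", status, size, "referer", "agent".
LINE_RE = re.compile(
    r'(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "(?P<method>\S+) (?P<path>\S+)[^"]*" '
    r'(?P<status>\d{3}) \S+ "[^"]*" "(?P<ua>[^"]*)"'
)
# Same test as the RewriteCond quoted in the thread: ^pycurl/ with [NC].
RULE_UA = re.compile(r"^pycurl/", re.IGNORECASE)
# Assumption: the two scripts named in the thread are the ones worth watching.
WATCHED = ("/register.php", "/user.php")

def summarize(lines):
    """Split POSTs to the watched scripts into 403 responses and everything else."""
    forbidden, not_forbidden, rule_not_applied = Counter(), Counter(), 0
    for line in lines:
        m = LINE_RE.match(line)
        if not m or m["method"] != "POST":
            continue
        if not m["path"].split("?")[0].endswith(WATCHED):
            continue
        if m["status"] == "403":
            forbidden[m["ip"]] += 1
        else:
            not_forbidden[(m["ip"], m["ua"])] += 1
            # A pycurl agent that did not get a 403 means the rule is not in effect.
            rule_not_applied += bool(RULE_UA.search(m["ua"]))
    return {"forbidden": forbidden, "not_forbidden": not_forbidden,
            "rule_not_applied": rule_not_applied}

MSIE = "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)"
T = "[14/Dec/2007:03:12:01 +0000]"
# Constructed sample lines (documentation address ranges), not taken from any real log.
SAMPLE_LOG = [
    f'203.0.113.5 - - {T} "POST /register.php HTTP/1.1" 403 199 "-" "PycURL/7.15."',
    f'203.0.113.5 - - {T} "POST /register.php HTTP/1.1" 403 199 "-" "PycURL/7.15."',
    f'198.51.100.9 - - {T} "POST /register.php HTTP/1.1" 200 5120 "-" "{MSIE}"',
    f'198.51.100.9 - - {T} "POST /register.php HTTP/1.1" 200 5120 "-" "{MSIE}"',
    f'198.51.100.9 - - {T} "POST /user.php HTTP/1.1" 200 812 "-" "{MSIE}"',
    f'192.0.2.77 - - {T} "GET /register.php HTTP/1.1" 200 5120 "-" "Mozilla/5.0 Firefox/2.0"',
    f'192.0.2.44 - - {T} "POST /register.php HTTP/1.1" 200 5120 "-" "pycurl/7.15."',
]

if __name__ == "__main__":
    result = summarize(SAMPLE_LOG)
    print("403 by client:", dict(result["forbidden"]))
    print("pycurl POSTs that were not refused:", result["rule_not_applied"])
    for (ip, ua), n in result["not_forbidden"].most_common():
        print(f"{n:4d}  {ip}  {ua}")
```

Repeated POSTs in the second list under a browser-style agent string are registrations the user-agent rule cannot see, since it matches only the header the client chooses to send.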
  #69 (permalink)  
Old 12-14-2007, 11:39 AM
juicecowboy's Avatar
Casual Pligger
 
Join Date: Jun 2006
Location: San Jose, CA
Posts: 57
It's now the next day and so far I'm still OK. I did have register.php disabled for half a day before I found this hack, so maybe it moved on (temporarily).

I have someone working on customizing the Captcha mod for me (I have a custom template) so I'll implement that too when I have it ready.

I am not considering this closed by any stretch, I check comments often, but so far I've been able to avoid that attack for about 20 hours.
  #70 (permalink)  
Old 12-14-2007, 11:46 AM
TobiParrot's Avatar
Casual Pligger
Pligg Version: Pligg beta 9.8.2
Pligg Template: Default
 
Join Date: Dec 2007
Location: UK
Posts: 45
@Iceburg. It will be interesting to see how things progress.

It's good to know that the single-step reg and confirmation email mod is working as intended, but it's no consolation if the bot is able to bypass any captcha and submit the registration form.

You can't really run a site that generates hundreds of bounced emails every day.

Juicecowboy's comment about 'moving on' is very true. The attack may stop after beefing up the sign-up procedures, but that isn't always due to anything the site owner has done. If there is a vulnerability in a PHP file somewhere up-line from the registration form, they'll be back.

Last edited by TobiParrot; 12-14-2007 at 11:50 AM..