tansqrx
Dec 13 2006, 11:28 PM
Looks like I got hit again and this time it was hard. This one was directed at my Nucleus CMS blog located at www.ycoderscookbook.com/blog. My problems are not fixed yet and a related article can be found at http://www.astahost.com/spam-problem-forums-t13969.html. It started when I checked my email that I have all my Astahost traffic forwarded to (which is also my main account). I knew it was bad when I had 500+ new messages from comments on my blog. After deleting all of the messages I checked the blog and every single post had around 15 new comments advertising quite nasty things. Fearing that things would only get worse and I would have another 500 messages tomorrow, I decided to disable the blog and investigate later. According to an article at SecurityFocus (http://www.securityfocus.com/news/11420), bot nets are behind a lot of the recent SPAM plaguing the Internet lately. The investigation on my problem seems to support that hypothesis. All of the comments were from different IP address yet held the same advertisement. Some of the comments could have been duplicate IPs but after my twentieth visit to www.dnsstuff.com to do a reverse IP lookup, I just gave up. From the recent SPAM on my forums to this recent happening, it is clear that I am on “the list” and I better batten down the hatches if I am to stay on the Internet for more than a week. Here is a list of things that I hope will work. ImplimentedUpdate software - I am running Nucleus CMS from http://nucleuscms.org/. The old version was 3.22 and I updated it to 3.24. There was no fixes for SPAM particularly but I figured it would be a good idea to keep the install current. The installation was absolutely no hassle. Since only minor changes had been made, all I had to do was copy the updates files over to the servers. No configuration files were included so I didn’t have to worry about my custom skins being affected. NP_Captcha – (http://wakka.xiffy.nl/captcha) This adds captchas when registering or posting a comment. Since I think all of the SPAM was from a bot network, this should squash all of the current SPAM issues. I also liked this solution because it was very easy to implement and requires no on going matience. Not Implimented But ConsideredMost of these solutions and more can be found at http://wakka.xiffy.nl/plugin_by_category?s=spamNP_Blacklist – (http://wakka.xiffy.nl/blacklist) I didn’t try it but this seems like a more robust solution because you can make your own blacklists. NP_SpamBayes – (http://wakka.xiffy.nl/spambayes) If you are going to run a blacklist then this looks like the way to go. You can train the filter to what is accepted and what is SPAM. I really didn’t want to go in this direction because I just don’t have the time to train a filter. I can go long periods without even checking the site so I think this would not really help any. NP_Spamtrap – (http://www.slavespath.net/gifts/nucleus/) I couldn’t get to the site because the corporate firewall didn’t like it but the description look interesting. NP_GlobalBlacklist – (http://wakka.xiffy.nl/globalblacklist) This appears to be a community generated blacklist that is no more. The link is broken but once again a good idea worth mentioning. Unrelated “Fun” StuffWhile poking around the plugins page I found a few other things of interest. NP_Poll – (http://wakka.xiffy.nl/poll) This will create a poll on your blog. Not much use but it just looked too cool to pass. The install was easy but implementing the poll in your post is somewhat of a pain because you have to paste a special code for each pool. NP_SystemInfo – (http://wakka.xiffy.nl/systeminfo) This also seemed useful. It shows every version number and system statistic that it can get its hands on.
Reply
saint-michael
Dec 14 2006, 01:54 AM
Sounds like a plan, that all web designers can do is keep blocking the morons who have nothing else better to then spam and trying to steal to peoples info. Of course from an article that I read the "EXPERTS" are saying that hackers, crackers, Phisher's are going after community sites, expecting to find out more about a person. Think thats one of the reason I don't bother with my own design, to much work gets toss away because someone is bored. Either way good luck with the spammers.
Reply
twitch
Dec 16 2006, 12:11 PM
It would be fun to spam the spammers. See how they like it.
Reply
richie
Dec 16 2006, 01:48 PM
adding the requirement of writing the text that's seen on the image while commenting would eliminate all bots ,how much the spammers might be profiting by this,they really need to be taught a lesson
Reply
Hercco
Dec 16 2006, 07:45 PM
I used to get tons of comment/trackback spam to my Wordpress blog. I had to close down the comment system until I found adequate spam protection. The best one I've found is Akismet. It works like a charm. After installing no spam posts have got through. Check it at http://akismet.com/. Best thing is that it's free for personal use. 
Reply
ruijie
Dec 18 2006, 12:20 PM
QUOTE(richie @ Dec 16 2006, 09:48 PM) 
adding the requirement of writing the text that's seen on the image while commenting would eliminate all bots ,how much the spammers might be profiting by this,they really need to be taught a lesson
Not all bots will be eliminated from posting! Now new bots can even read captchas! Look at the excerpt below from http://sci.rutgers.edu/forum/showthread.php?t=73911QUOTE In the past three months, CareCure has been hit by spam. We have had as many as 250 registrations per week by spammers who have posted many spam posts on our site (diligently removed by the moderators). Many other bulletin board operators have seen a similar dramatic increase in the number of spam posts. Of course, spam has been a plague on internet users for many years. For some people, especially those who have posted their email address on internet, they may be targetted by thousands of spam email every day. A whole industry has arisen to stop spam. There are times when I wonder why there are so many spammers. Most spam messages are so ridiculous that they must have little or no commercial value. I wonder if spammers are creating their own industry. To prevent automatic registration by internet programs, the site software asks new registrants to type in a code which is presented in the form of an image. Called CAPTCHA, this approach has been generally successful in ensuring that some human role in the registration process. Unfortunately, some people developed programs starting about two years ago that could accurately read the CAPTCHA images. In December 2005, such code was posted for reading the CAPTCHA images on vBulletin software with 100% accuracy. Use of this code, I suspect, is the reason for the large increase in the number of spam registrants and posts on our site. In any case, one of the rules of forum posting is not to post your email address. There are internet bots that peruse through web sites such as ours for the presence of any email address, put it on a list that is then sold to spammers. It is a virtual invitation for spam. Once your email has been put on such a list, there is no way of getting off the list and keeping from having a spam-infested email address. So, how can you post your email address for other humans to read without a bot reading it and putting it on some spammer list? You can create an image of your email address, attach it as a jpg file to a post, and then do an image command to show the image. The way to do it is to create an image of your here is my email address. I recently found a site that creates a png image file of your email address that you can then use on web sites. Go to the Domain Tools web site http://www.domaintools.com/domain-privacy/...protection.html All you do is type your email address and it will generate an image of your email address so that you can post it on the web. When the site gives you the image of your email address, just click it to see the image in a separate window, copy the URL address of that image. People will have to read and type your email address manually. While programs that read CAPTCHA images may be able decode the image, it is unlikely that bots that peruse through web sites would take the trouble of decoding every image reference that they encounter in a forum. It should be a reasonably effective approach to protecting your email address.
Reply
Quatrux
Dec 18 2006, 02:44 PM
QUOTE(Hercco @ Dec 16 2006, 09:45 PM) I used to get tons of comment/trackback spam to my Wordpress blog. I had to close down the comment system until I found adequate spam protection. The best one I've found is Akismet. It works like a charm. After installing no spam posts have got through. Check it at http://akismet.com/. Best thing is that it's free for personal use. I agree, it seems that Akismet is the best thing which can deal with SPAM these days, I installed it several months ago, due to I was terribly tired of deleting spam, but now I just go to akismet management and delete all the messages, due to I know that it is spam comments.. Also the image with random text, symbols and numbers helps, once I wrote I script with it and the spam messages/registrations in my site also has gone, now I am afraid only of stupid people who can register and spam manually  Here are my Akismet statistics, I have it maybe a little more than 4 months.. Caught SpamAkismet has caught 15,559 spam for you since you first installed it.
You have no spam currently in the queue. Must be your lucky day.
Reply
lemonkiss
Dec 25 2006, 06:34 PM
Well, that seems a bit of a problem. My old site had a couple days of scamming but then it stopped. I was amazed.
Reply
tansqrx
Dec 29 2006, 09:13 PM
It sounds like Akismet is a nice solution but it looks like it is only for WordPress. I would like to make an update to my original post. Since I have installed and updated the site, I have gotten no SPAM messages and it looks like a success, at least for now. Apparently the program that the spammers were using against me hit a brick wall with the new additions. This does not rule out future attacks but this looks to be a good start.
Reply
Recent Queries:--
nl.captcha - 271.23 hr back. (1)
Similar Topics
Keywords : wasted, hours, life, blog, spam, ongoing, saga, spam, website
- Spam Issues...is Astahost Selling Our Addresses?
(10)
Spam Because Mail In Aplication Formas
(9) Many of us, who wanted to get hosting, wrote in application form their e-mail. Beacause of that
forum is in google, our e-mails are also in google and bots searching for mails to sapm can find
ours mails and send us lots of spam... I startet geting about 20 mails daily and it become annoying.
I want to ask admin or any mod to delete or replace with * my mail, so it may have some effect. (I
was trying to notify admins, but they have full message boxes) this is topic where is my mail:
http://www.astahost.com/-t14427.html Mods, plese delete my mail or do something to sto....
Forbidden Access To My Website
(6) About a week ago, I was trying to figure out a way to clear all of my data out of my server. So, I
deleted the public_html folder and trashed it. I created a new public_html folder, set the
permissions to 0755, created a new index.php file, but when I tried to view my website, it showed
this error, a Forbidden Error: http://cbonline.astahost.com Do I have to touch up the htaccess
for the public_html folder or something for the server to remove that message? Thanks for the help.....
Website Upgrading
not yet??? (2) It's been over a week since i've posted my application for website upgrading, but still no
one has responded!!! I have well reached my required limit for 30 posts. I wonder how much more time
it will take, as my time constrains force me to cut things in a very short line.....
Looking for wasted, hours, life, blog, spam, ongoing, saga, spam, website
|
*SIMILAR VIDEOS*
Searching Video's for wasted, hours, life, blog, spam, ongoing, saga, spam, website
|
advertisement
|
|
