official guestbook hacked?
Asked Modified Viewed 11,072 times
Wanabo
Wanabo 10
- Senior Member, joined since
- Contributed 598 posts on the community forums.
- Started 94 threads in the forums
- Started this discussions
Found this guestbook entry in 3 of 5 sites I own.
All sites are in the Dutch language, but the guestbook entry is English submitted by a Polish person.
I regard these entries as spam.
Left 1 example in my guestbook for you to see! --> guestbook example <-- Edit: example removed, but feel free to take a look at my Dutch guestbook! ;)
It's the entry by Tomek.
If these entries are manual then there is no problem.
If these entries are automated, additional protection is needed.
All sites are in the Dutch language, but the guestbook entry is English submitted by a Polish person.
I regard these entries as spam.
Left 1 example in my guestbook for you to see! --> guestbook example <-- Edit: example removed, but feel free to take a look at my Dutch guestbook! ;)
It's the entry by Tomek.
If these entries are manual then there is no problem.
If these entries are automated, additional protection is needed.
Edited by Wanabo on 29-09-2006 17:10,
answered
oh.....I don't regard it as Spam but since its your site. I don't know if its automated, I think it looks manual though. To check change the folder in infusions called guestbook to something then change the main file guestbook.php to same as the folder, You might want to edit guestbook.php to link it up
answered
Thre are some older MODS to protect guestbook. Don't know if they will still work but you could check that:
http://www.phpfusion-mods.com/forum/v...8&pid=6351
http://www.phpfusion-mods.com/forum/v...8&pid=6351
gojuryu
gojuryu 10
www.gojuryu.net
Online since 1998 & running PHP-Fusion since 2004
Online since 1998 & running PHP-Fusion since 2004
- Member, joined since
- Contributed 105 posts on the community forums.
- Started 16 threads in the forums
I'm sure that is automated as it is the same message and link I have seen maybe 50 times over the last year.
Wanabo
Wanabo 10
- Senior Member, joined since
- Contributed 598 posts on the community forums.
- Started 94 threads in the forums
- Started this discussions
Well no more "spam" messages occur! So I guess there is no real spam danger, otherwise all php-fusion sites would have been flooded by now.
I remove mentioned guestbook entry! And edit the first post.
I remove mentioned guestbook entry! And edit the first post.
answered
Ummm, since this was an issue of spamming - not hacking - was it necessary to use the word "hacked"? in the subject line? We've already had some folks (falsely) accusing PF of being responsible for hacks in the last few weeks so this is not the best subject line to use in this instance.
Guestbooks that don't have some sort of spam protection are an issue on ANY site, inside a CMS or not.
Guestbooks that don't have some sort of spam protection are an issue on ANY site, inside a CMS or not.
Wanabo
Wanabo 10
- Senior Member, joined since
- Contributed 598 posts on the community forums.
- Started 94 threads in the forums
- Started this discussions
@braajeri
Wel if a weakness or security hole is exploited I call it a hack. In this case I thought it was the guestbook. And please take a note on the questionmark! in the subject line.
I know to what post you're referring when you're talking of some folks.. and you really upset me when you compare me with them.
Wel if a weakness or security hole is exploited I call it a hack. In this case I thought it was the guestbook. And please take a note on the questionmark! in the subject line.
I know to what post you're referring when you're talking of some folks.. and you really upset me when you compare me with them.
enablingwolf
enablingwolf 10
- Junior Member, joined since
- Contributed 14 posts on the community forums.
- Started 2 threads in the forums
tomek has been in my guest book also. I assume he is getting addresses from the support sites for Fusion. It is part of the web, and dealt with the nice tools of blacklisting him and his crowd. :D
Here is his WHOIS info:
http://whois.domaintools.com/212.122....22.215.107
He has a nice range of IP's:
212.122.215.0 - 212.122.215.255
Looking at some info in light of strange entries, his site (IP) is listed as SPAM on SORBS.
So he gets a nice blacklist on my site.
Here is his WHOIS info:
http://whois.domaintools.com/212.122....22.215.107
He has a nice range of IP's:
212.122.215.0 - 212.122.215.255
Looking at some info in light of strange entries, his site (IP) is listed as SPAM on SORBS.
So he gets a nice blacklist on my site.
answered
@Wanabo, not comparing you to any other poster. Just saying we need to all think before using the word "hacked" in the subject line if the issue is just spam and not hacking. I remember some time back that I never even paid attention to the guestbook in PF until I looked at some stats for my site. Most of the hits were for guestbook.php. I havd literally 100s of entries, 99.99% of which were total spam. Is that an exploit? No, the guestbook is just a simple form that bots can utilize to enter spam. So I just went in phpmyadmin and wiped out all of the entries and disabled the guestbook. If you want to keep your guestbook open (who uses guestbooks anymore besides spammers?), install one of the spam protection mods.
Category Forum
Bugs and Errors - 6Labels
None yet
Statistics
- Views 0 views
- Posts 8 posts
- Votes 0 votes
- Topic users 6 members
0 participants
Notifications
Track thread
You are not receiving notifications from this thread.
Related Questions