Quote
TammyK wrote:
On Monday I'll put a log on the registration form on my site.
Something to look at, why is it only spamming the comments? Once registered, it should be able to hit the forums just as hard, but it's only spamming the comments.
Quote
Joe Kriz wrote:
snip..
I sent emails to the above addresses at that time and they never came back to me undeliverable. I assume some server received those emails.
snip..
Quote
Joe Kriz wrote:
snip..
I have had my site set NOT TO ALLOW any members to change their email address once they register.
snip..
Quote
TammyK wrote:
Something to look at, why is it only spamming the comments? Once registered, it should be able to hit the forums just as hard, but it's only spamming the comments.
Quote
TammyK wrote:Quote
Yxos wrote:
Allright, allright... If you say so.... ;)
Well the ones who've done it to me in the past on my other project follow that pattern. :@
Quote
TammyK wrote:
I can find where they viewed the page to submit the comments. They're hitting each news item/article 3 times. It looks like they're maybe reading the news_cats.php and articles.php pages to generate a list of all news items and articles then posting a single comment to each one.
WHERE yourcolumn >= DATE_SUB(CURRENT_TIMESTAMP, INTERVAL 30 MINUTE)
Quote
joecrow wrote:
Edit:
OK, it seems that they first try to add themselves as new members with a normal looking name. Then they add a new account that has a name followed by numbers which is the one they use to spam the comments. I caught the one above and almost allowed another new member that looked OK at first. However, after I googled the name, it came up on many forums. That's what gave it away. Also, I researched the IP address and the geo location and it made no sense for someone from across the world to want to join my little hometown website. So, it seems this one is another one of their attempts to get in too:
username:2n2kas
email:jahh@walla.com
IP addy:84.15.70.40
So, start looking at new members closely. They are using simple looking usernames too. By the way, subimp997 and irupeteq are another two names.
Quote
Lasse Jensen wrote:
I checked my site for members as written above after a few spam-bot attacks, and i found this user:
username: Lorder
email: jurox@walla.com
Ip add: 88.118.83.158
Can anyone confirm that these walla.com accounts has(or dont) something to do with the spambots?
Edit: This guy (Lorder) havn't made any spam on my website at all, just for the record :)
Category Forum
Official Core Support - 6Labels
None yet
Statistics
0 participants
Notifications
You are not receiving notifications from this thread.
Related Questions