Page 1 of 3 123 LastLast
Results 1 to 10 of 27

Thread: Another Spam Attack - and upcoming actions

  1. #1
    Administrator Facebook Connected Robbie's Avatar
    Join Date
    Mar 2006
    Location
    Dayton, OH
    Posts
    3,877
    Blog Entries
    6

    Post Another Spam Attack - and upcoming actions

    Just wanted to let everyone know that there was another spam attack today...2 actually...and I imagine more will take place very soon...I'm trying to eliminate them now and enact actions that will prevent them from taking place...but if you get a message alerting you of a pm...and you find that you don't have a pm...it was probably spam, and it was deleted.

    I am trying out reCaptcha. Its an image verification system that not only helps eliminate spam, but in the process of solving the captcha, you're helping to digitize old books for online use. Read about it here: http://recaptcha.net/

    I may end up temporarily disabling PMs until I can get the problem under further control...if so I'll make a post here letting you all know...and wil also be setting the board up to only allow pms after at least 5 actual posts are made.
    Fantaseum (https://www.fantaseum.com)

    Robbie Powell - Site Admin

  2. #2

    Post

    That's brilliant! I most definitely approve of that measure. I love the idea of turning a nuisance into something useful, and doing it completely transparently. That's got to be one of the most elegant ideas I've seen in a while.
    Bryan Ray, visual effects artist
    http://www.bryanray.name

  3. #3
    Administrator Facebook Connected Robbie's Avatar
    Join Date
    Mar 2006
    Location
    Dayton, OH
    Posts
    3,877
    Blog Entries
    6

    Post

    Yeah I thought it was rather ingenious...As soon as I did some searching on the vbulletin forums about spam blocking...I found out that vBulletin NATIVELY supports reCaptcha...I went ahead and signed up...and sure enough it worked.
    Fantaseum (https://www.fantaseum.com)

    Robbie Powell - Site Admin

  4. #4
    Administrator Facebook Connected Robbie's Avatar
    Join Date
    Mar 2006
    Location
    Dayton, OH
    Posts
    3,877
    Blog Entries
    6

    Post

    I just read...I think the spammer is using a script that tries all the accounts in the memberlist and tries to log in using the same password as their username.

    Which basically means...if a user stupidly made their password the same as their username, it will eventually be found by this bot. I'm going to see if I can find code that will tell me what users on the site have done this...

    So...if your password is the same as your username...change it now, or I may change it for you.
    Fantaseum (https://www.fantaseum.com)

    Robbie Powell - Site Admin

  5. #5
    Administrator Facebook Connected Robbie's Avatar
    Join Date
    Mar 2006
    Location
    Dayton, OH
    Posts
    3,877
    Blog Entries
    6

    Post

    There's a BUNCH of spam PMs from a BUNCH of users...I think they're compromised accounts...

    I have turned off private messaging temporarily. If all goes well private messaging will return tomorrow or Monday...but I'm not comfortable turning it back on until the spam problem is solved.

    Sorry for the inconvenience.
    Fantaseum (https://www.fantaseum.com)

    Robbie Powell - Site Admin

  6. #6
    Administrator Redrobes's Avatar
    Join Date
    Dec 2007
    Location
    England
    Posts
    7,288
    Blog Entries
    8

    Post

    Let me know if there is anything I can do script wise to help out. I use one to grab errors from the error log and format up htaccess entries which get tacked on. Ok it bins some legit attempts to join that screwed up but it culls the spam bots severely.

  7. #7

    Default

    Good luck, Robbie.

    Spammers are a pain in the butt. On my home site blog I ended up having to block trackbacks at the firewall, not because they were getting them through (very good spam prevention in the blog software I use), but because the spam catching/processing was killing by CPU

    -Rob A>

  8. #8
    Community Leader NeonKnight's Avatar
    Join Date
    Aug 2007
    Location
    Surrey, Canada, EH!
    Posts
    5,051

    Post

    Best of luck in eliminating the annoyances of the Web!
    Daniel the Neon Knight: Campaign Cartographer User

    Never use a big word when a diminutive one will suffice!

    Any questions on CC3? Post them with CC3 in the Subject Line!
    MY 'FAMOUS' CC3 MAPS: Thunderspire; Pyramid of Shadows; King of the Trollhaunt Warrens; Demon Queen's Enclave

  9. #9
    Administrator Facebook Connected Robbie's Avatar
    Join Date
    Mar 2006
    Location
    Dayton, OH
    Posts
    3,877
    Blog Entries
    6

    Post

    Thanks to a nice healthy discussion on the vbulletin forums I think I got it under control. All the affected users were banned and I've deleted all their sent pms.

    I've also set up a new permission system that I'll be turning on momentarily.

    Whats going to happen is that all the Registered Users on the site with more than 5 posts will be promoted to the Guild Members group.

    These two groups are identical except for the fact that registered users cannot send private messages.

    If there ever happens to be any other forms of spam such as spam posts, then I'll make their first 5 posts require moderator approval before they appear on the site. This is definitely going to help cull the problem...BUT, there may be some minor permissions issues that pop up...and if anyone sees anything wrong, please PM me when PMS are turned back on.

    Thank you all for your patience, and again I apologize for the inconvenience.

    Redrobes...thanks for the offer for assistance. There's a php script that was posted to the vbulletin forum that searches the user base and randomly changes all the passwords of users who's passwords = username...but I'd like to modify it to only create a list of said users instead of randomly assigning their password. Know enoough about php to help me with that? If not, I'll try to work through it...but its lower priority at the moment since I seem to have it under control.
    Fantaseum (https://www.fantaseum.com)

    Robbie Powell - Site Admin

  10. #10
    Administrator Facebook Connected Robbie's Avatar
    Join Date
    Mar 2006
    Location
    Dayton, OH
    Posts
    3,877
    Blog Entries
    6

    Post

    Ok, its done...private messaging has been turned back on...BUT...the registered users group does not have access to it.

    As soon as the site runs its regularly scheduled maintenance routines (every hour) it should make a mass promotion...promoting all users with more than 5 posts to the Guild Members group, and allowing private messages again.

    I'll make a post here when I see for sure that that has happened.

    All members of additional groups (such as industry pros and CLs and whatnot...should already have their private messaging system back...but I'm not sure)
    Fantaseum (https://www.fantaseum.com)

    Robbie Powell - Site Admin

Page 1 of 3 123 LastLast

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •