Hacker posting to my website [RESOLVED--well, sort of]
Moderator: General Moderators
Re: Hacker posting to my website [RESOLVED--well, sort of]
The email field is obvious, but we have no idea what the other two fields are meant to represent. Are there other fields in the form not included in this document? Not much to work with, I'm afraid.
Re: Hacker posting to my website [RESOLVED--well, sort of]
Yeah, you're really getting hit! I'm not surprised it's Chinese, there's a lot of very active spammers there (well, it's a huge country!). Are there URL links in them? I'd say there's no point in complaining to anybody, they're not going to do anything to them. Better to concentrate on how to detect them and just not accept the baddies into your database. The detection is the hard part. For Chinese characters, I suppose you could test anything that is supposed to be English text to see if it contains any non-ASCII characters (I can't think right now just how to do that, but I'm sure it's possible), but that wouldn't help for plain English spams. A good Captcha routine might help, but as someone pointed out earlier in this thread, Captchas can be hacked, too. I wouldn't count on this being kids fooling around, though. That's possible, but I think it's more likely that it's a serious spammer who is getting paid by others to get their URLs in front of thousands of pairs of eyes. It's a shame some people aren't willing to do honest work, like maybe prostitution?? [Just kidding, gotta break the tension.]
The options that I can think of include:
The options that I can think of include:
- Code it as a moderated forum, where a post isn't accepted until it has been reviewed by a moderator; but that means that somebody has to read all the posts!
- Require the poster to supply a valid email address, then send an email to that address, with a validation link to a script that matches the ID of the post and actually posts it; there's probably a way to defeat that, too, but presumably that gives you somebody's real email address that you could later trace.
- Use a strong Captcha that sends the Captcha data to the server for validation, as mentioned in another post earlier in this thread.
Re: Hacker posting to my website [RESOLVED--well, sort of]
The trouble, I think, is that these all look like throwaway Gmail accounts. They could easily retrieve and follow the confirmation links, but having the account reported and blocked probably wouldn't mean much to them. They'd just create another and another and another.... CAPTCHAs can be defeated, honeypots can be defeated, but certainly implementing either or both of those would be a step in the right direction.
Re: Hacker posting to my website [RESOLVED--well, sort of]
Hi Celauran. Happy New Year!
You're right, that's the downside of free email accounts like Gmail.
To clarify Tex's post for anyone who didn't read his own thread, it's a PHPBB forum and Tex is a vb.net developer, just getting his feet wet with Linux and PHP. His original thread is viewtopic.php?f=1&t=138955&p=690109#p690109.
To clarify Tex's post for anyone who didn't read his own thread, it's a PHPBB forum and Tex is a vb.net developer, just getting his feet wet with Linux and PHP. His original thread is viewtopic.php?f=1&t=138955&p=690109#p690109.
Re: Hacker posting to my website [RESOLVED--well, sort of]
I would only report the ones that actually got through and posted spam. So far all I do are three things and its working well, at least for now. One is the Q&A with a question that cannot be easily Goggled, Email confirmation, and 1 post moderation. But last month I was not doing all three and my site got hit bad. The past few years all I had was two of these three and my old Q&A question must of made their list. I also hear these spammers upgraded their scripts or what ever they use and I guess the got a database with all the common Q&A answers so now forum administrators need harder ones. Cat and mouse game for sure.
Re: Hacker posting to my website [RESOLVED--well, sort of]
Tex, do the posts include URL links? That's the most common kind of spam. If they do, how about just rejecting any post that includes "http://"? I did that on my site and I haven't had a single bad post get thru since I did that. If you don't need to allow legitimate links, that might be a first line of defense.
Re: Hacker posting to my website [RESOLVED--well, sort of]
Yes the spammers did post links, but my members do post links that are legitimate as well we share links in our signatures. I hate to loose freedom due to these bandits! Of course pictures of hot babes are OK. Just kidding, I had a long night.
Thanks califdon for introducing my post here on your topic.
Thanks califdon for introducing my post here on your topic.
Re: Hacker posting to my website [RESOLVED--well, sort of]
What about restricting the ability to post links until a certain post count threshold has been reached? Or requiring posts containing links to require moderation until a similar threshold has been reached?
Re: Hacker posting to my website [RESOLVED--well, sort of]
Yeah that is a good idea. I like to also look at code development and detection and auto deletion ideas, such like was mentioned here.
Re: Hacker posting to my website [RESOLVED--well, sort of]
2 things I would do is either add captcha and/or not allow posts with links.