Jump to content

Archived

This topic is now archived and is closed to further replies.

piznac

SPAMMERS:(

Recommended Posts

Hello all,

I have a problem. I made this site [url=http://wrlclan.com]http://wrlclan.com[/url] its a simple gaming clan site. Nothing really important. But for the month of June of this year we received 2.4 million hits. Before we were averaging 2-3 hundred thousand a month. Now we average around a million.

Well when we hit that many hits in June,.. the spammers came. You see I have a very simple php/mysql guestbook/shout out script set up on the site. Well we were bombarded by spammers so I had to step up the security. I blocked certain characters used in html and bbc and I put up a very simple captcha script. This was a great succes for 99% of the spammers and I have never seen them again, except one. Ive also been blocking IP via the htaccess file. This works great for the average person but is useless agaisnt anyone who knows how to use a proxy server.

But back to this one spammer (72.232.213.210) this one is really starting to scare me. This bot is able to leave messages in on the page without leaving anything in the database. Well Im not sure of that cause I have a delete record script set up as well and the messages show up but you cannot delete them. Also I have banned his IP at least a dozen times to no avail & and Ive blocked at least 60 known spam bots in the htacces file.

So has anyone ever encountered something like this? And if so can anyone give me any advice?

As always thanks

Share this post


Link to post
Share on other sites
If you've had to ban the same IP more than once, the script you are using is not doing its job. ;)

[code]<?php

  //And I suppose there are other methods and several other things
  //you can do besides this little example.

  if($_SERVER[REMOTE_ADDR] == '72.232.213.210') {

  header("Location: index.php?action=banned");
  }

  if($_GET[action] =='banned') {

  echo"<b>You're a low life scum and we don't want your kind here!</b>";
  }
?>[/code]

Share this post


Link to post
Share on other sites
well I've been banning by using the .htaccess file,. and it does work. But I would have to assume he is masking the ip and that is not the true IP.. but I will give that script a try :) and thanks

Share this post


Link to post
Share on other sites
I had an issue with bots. I made it so you couldnt post within 10mins of each of your own posts (based on IP) and that didnt stop them.  Then I changed it to 24hrs and still that didnt stop them.  It wasnt until I put in the Captcha image (like you have on you site) and that seemed to of stopped them....

As for not being able to ban the guy because he is spoofing his IP address not sure what you can do to get around that.  Perhaps have your webhost look into it to see if there is anything they can do?

Share this post


Link to post
Share on other sites
thanks, and ya the captcha got 99% of them. But this bot is somehow bi-passing all of this. I will check with my server people. Anyone else got any idea? The thing that really bothers me is its able to leave a post but leave nothing in the database,.. where is it storing this text?

Share this post


Link to post
Share on other sites

×

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.