Jump to content


Photo

SPAMMERS:(


  • Please log in to reply
7 replies to this topic

#1 piznac

piznac
  • Members
  • PipPipPip
  • Advanced Member
  • 261 posts

Posted 27 October 2006 - 06:30 PM

Hello all,

I have a problem. I made this site http://wrlclan.com its a simple gaming clan site. Nothing really important. But for the month of June of this year we received 2.4 million hits. Before we were averaging 2-3 hundred thousand a month. Now we average around a million.

Well when we hit that many hits in June,.. the spammers came. You see I have a very simple php/mysql guestbook/shout out script set up on the site. Well we were bombarded by spammers so I had to step up the security. I blocked certain characters used in html and bbc and I put up a very simple captcha script. This was a great succes for 99% of the spammers and I have never seen them again, except one. Ive also been blocking IP via the htaccess file. This works great for the average person but is useless agaisnt anyone who knows how to use a proxy server.

But back to this one spammer (72.232.213.210) this one is really starting to scare me. This bot is able to leave messages in on the page without leaving anything in the database. Well Im not sure of that cause I have a delete record script set up as well and the messages show up but you cannot delete them. Also I have banned his IP at least a dozen times to no avail & and Ive blocked at least 60 known spam bots in the htacces file.

So has anyone ever encountered something like this? And if so can anyone give me any advice?

As always thanks

#2 piznac

piznac
  • Members
  • PipPipPip
  • Advanced Member
  • 261 posts

Posted 27 October 2006 - 06:30 PM

Oh and if this is in the wrong topic Im sorry

#3 Caesar

Caesar
  • Members
  • PipPipPip
  • Advanced Member
  • 1,025 posts

Posted 27 October 2006 - 07:01 PM

If you've had to ban the same IP more than once, the script you are using is not doing its job. ;)

<?php

  //And I suppose there are other methods and several other things 
  //you can do besides this little example.

  if($_SERVER[REMOTE_ADDR] == '72.232.213.210') {

  header("Location: index.php?action=banned");
  }

  if($_GET[action] =='banned') {
 
  echo"<b>You're a low life scum and we don't want your kind here!</b>";
  }
?>

PHP Ninja

#4 piznac

piznac
  • Members
  • PipPipPip
  • Advanced Member
  • 261 posts

Posted 27 October 2006 - 08:34 PM

well I've been banning by using the .htaccess file,. and it does work. But I would have to assume he is masking the ip and that is not the true IP.. but I will give that script a try :) and thanks

#5 piznac

piznac
  • Members
  • PipPipPip
  • Advanced Member
  • 261 posts

Posted 28 October 2006 - 04:34 PM

no go

#6 piznac

piznac
  • Members
  • PipPipPip
  • Advanced Member
  • 261 posts

Posted 29 October 2006 - 04:11 PM

bump

#7 SharkBait

SharkBait
  • Members
  • PipPipPip
  • Advanced Member
  • 845 posts
  • LocationMetro Vancouver, BC

Posted 29 October 2006 - 04:23 PM

I had an issue with bots. I made it so you couldnt post within 10mins of each of your own posts (based on IP) and that didnt stop them.  Then I changed it to 24hrs and still that didnt stop them.  It wasnt until I put in the Captcha image (like you have on you site) and that seemed to of stopped them....

As for not being able to ban the guy because he is spoofing his IP address not sure what you can do to get around that.  Perhaps have your webhost look into it to see if there is anything they can do?

#8 piznac

piznac
  • Members
  • PipPipPip
  • Advanced Member
  • 261 posts

Posted 30 October 2006 - 08:03 PM

thanks, and ya the captcha got 99% of them. But this bot is somehow bi-passing all of this. I will check with my server people. Anyone else got any idea? The thing that really bothers me is its able to leave a post but leave nothing in the database,.. where is it storing this text?




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users