piznac Posted October 27, 2006 Share Posted October 27, 2006 Hello all,I have a problem. I made this site [url=http://wrlclan.com]http://wrlclan.com[/url] its a simple gaming clan site. Nothing really important. But for the month of June of this year we received 2.4 million hits. Before we were averaging 2-3 hundred thousand a month. Now we average around a million.Well when we hit that many hits in June,.. the spammers came. You see I have a very simple php/mysql guestbook/shout out script set up on the site. Well we were bombarded by spammers so I had to step up the security. I blocked certain characters used in html and bbc and I put up a very simple captcha script. This was a great succes for 99% of the spammers and I have never seen them again, except one. Ive also been blocking IP via the htaccess file. This works great for the average person but is useless agaisnt anyone who knows how to use a proxy server. But back to this one spammer (72.232.213.210) this one is really starting to scare me. This bot is able to leave messages in on the page without leaving anything in the database. Well Im not sure of that cause I have a delete record script set up as well and the messages show up but you cannot delete them. Also I have banned his IP at least a dozen times to no avail & and Ive blocked at least 60 known spam bots in the htacces file.So has anyone ever encountered something like this? And if so can anyone give me any advice?As always thanks Quote Link to comment Share on other sites More sharing options...
piznac Posted October 27, 2006 Author Share Posted October 27, 2006 Oh and if this is in the wrong topic Im sorry Quote Link to comment Share on other sites More sharing options...
Caesar Posted October 27, 2006 Share Posted October 27, 2006 If you've had to ban the same IP more than once, the script you are using is not doing its job. ;)[code]<?php //And I suppose there are other methods and several other things //you can do besides this little example. if($_SERVER[REMOTE_ADDR] == '72.232.213.210') { header("Location: index.php?action=banned"); } if($_GET[action] =='banned') { echo"<b>You're a low life scum and we don't want your kind here!</b>"; }?>[/code] Quote Link to comment Share on other sites More sharing options...
piznac Posted October 27, 2006 Author Share Posted October 27, 2006 well I've been banning by using the .htaccess file,. and it does work. But I would have to assume he is masking the ip and that is not the true IP.. but I will give that script a try :) and thanks Quote Link to comment Share on other sites More sharing options...
piznac Posted October 28, 2006 Author Share Posted October 28, 2006 no go Quote Link to comment Share on other sites More sharing options...
piznac Posted October 29, 2006 Author Share Posted October 29, 2006 bump Quote Link to comment Share on other sites More sharing options...
SharkBait Posted October 29, 2006 Share Posted October 29, 2006 I had an issue with bots. I made it so you couldnt post within 10mins of each of your own posts (based on IP) and that didnt stop them. Then I changed it to 24hrs and still that didnt stop them. It wasnt until I put in the Captcha image (like you have on you site) and that seemed to of stopped them....As for not being able to ban the guy because he is spoofing his IP address not sure what you can do to get around that. Perhaps have your webhost look into it to see if there is anything they can do? Quote Link to comment Share on other sites More sharing options...
piznac Posted October 30, 2006 Author Share Posted October 30, 2006 thanks, and ya the captcha got 99% of them. But this bot is somehow bi-passing all of this. I will check with my server people. Anyone else got any idea? The thing that really bothers me is its able to leave a post but leave nothing in the database,.. where is it storing this text? Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.