Spam attack, help needed!

vincem
Regular
Posts: 59
Joined: Sat Mar 05, 2005 6:01 am

Post by vincem » Mon Sep 03, 2007 9:42 pm

Hello,

My Serendipity blog seems to be under spam attack and my hosting provider has suspended my account for server over-utilization. Assuming they allow me back in, I must disable all commenting (and maybe trackback too) functions completely if I don't want to lose the site, not being able to afford dedicated hosting.

Here's my question: I've renamed the file comment.php in the blog's root directory so that it couldn't be accessed any more, thinking that would take care of my problem, but it hasn't and the commenting function still seems to be working as usual, allowing posting and reading of comments.

I've also used the emergency comment shutdown option in spamblock, but it doesn't stop the process entirely, only the final comment approval step, and I assume that the server is still getting requests.

Also the spamblock log still reports blocking spam with the comment.php file renamed, so I assume that there is major comment functionality located somewhere else.

Is there a way to remove the commenting capability altogether from the blog?

I'm running version 1.2 beta x if I remember well...

Any help much appreciated!

Vince

garvinhicking
Core Developer
Posts: 30020
Joined: Tue Sep 16, 2003 9:45 pm
Location: Cologne, Germany

Re: Spam attack, help needed!

Post by garvinhicking » Tue Sep 04, 2007 12:07 pm

Hi!

The comment.php AFAIR only is used for trackbacks. Usual comments are routed via the serendipity index.php file, so you cannot simply rename/remove a file.

You could patch index.php to disallow commenting, but then the spammers have already successfully made an HTTP request. So you must try to catch them on an IP routing level or block them via .htaccess based on their HTTP user agents or their IP address range.

Sadly this is a problem not unique to serendipity, and there's no real way to deal with it. With people's increasing bandwidth, this will cause much more trouble in the future.

The only way to block it is to prevent spam at its root. Use antivir software, fight against trojans, educate people not to buy things that spammers advertise.

Best regards,
Garvin
# Garvin Hicking (s9y Developer)
# Did I help you? Consider making me happy: http://wishes.garv.in/
# or use my PayPal account "paypal {at} supergarv (dot) de"
# My "other" hobby: http://flickr.garv.in/
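
Added example, not part of the original thread and not Serendipity code: a Python script that tallies POST requests to comment.php and index.php per /24 network from an Apache access log and emits .htaccess deny rules, so the requests are refused before PHP runs. The log lines, paths, user agents and threshold are constructed for illustration; it assumes the combined log format, IPv4 clients and Apache 2.4 `Require` syntax.

```python
import re
from collections import Counter
from ipaddress import ip_network

# Constructed sample lines in Apache "combined" format (not from the thread).
SAMPLE_LOG = """\
203.0.113.7 - - [03/Sep/2007:21:40:01 +0000] "POST /comment.php?type=trackback&entry_id=12 HTTP/1.1" 200 85 "-" "SpamBot/1.0"
203.0.113.9 - - [03/Sep/2007:21:40:01 +0000] "POST /comment.php?type=trackback&entry_id=12 HTTP/1.1" 200 85 "-" "SpamBot/1.0"
203.0.113.7 - - [03/Sep/2007:21:40:02 +0000] "POST /index.php?/archives/12-x.html HTTP/1.1" 200 5120 "-" "SpamBot/1.0"
198.51.100.23 - - [03/Sep/2007:21:40:05 +0000] "GET /index.php?/archives/12-x.html HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
198.51.100.23 - - [03/Sep/2007:21:41:10 +0000] "POST /index.php?/archives/12-x.html HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
"""

# client IP, method, path and user agent of one combined-format line
LINE = re.compile(r'^(\d+\.\d+\.\d+\.\d+) \S+ \S+ \[[^\]]+\] '
                  r'"(\S+) (\S+) [^"]*" \d+ \S+ "[^"]*" "([^"]*)"')

def count_posts(log_text):
    """Count POSTs to comment.php / index.php per /24 network and per user agent."""
    nets, agents = Counter(), Counter()
    for line in log_text.splitlines():
        m = LINE.match(line)
        if not m:
            continue  # malformed line or non-IPv4 client: skip
        ip, method, path, agent = m.groups()
        if method != "POST" or not re.match(r"/(comment|index)\.php", path):
            continue
        try:
            net = ip_network(f"{ip}/24", strict=False)
        except ValueError:
            continue  # e.g. an octet above 255
        nets[net] += 1
        agents[agent] += 1
    return nets, agents

def htaccess_rules(nets, threshold):
    """Build an Apache 2.4 block denying every network at or above threshold."""
    noisy = sorted(n for n, c in nets.items() if c >= threshold)
    lines = ["<RequireAll>", "    Require all granted"]
    lines += [f"    Require not ip {n}" for n in noisy]
    lines.append("</RequireAll>")
    return "\n".join(lines)

if __name__ == "__main__":
    nets, agents = count_posts(SAMPLE_LOG)
    print(htaccess_rules(nets, threshold=3))  # threshold is an assumed value
    print(agents.most_common(3))              # review before blocking by agent
```

Review the generated ranges before deploying them, since a /24 can contain legitimate commenters as well as the spam source.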

henning
Regular
Posts: 6
Joined: Wed Nov 23, 2005 10:05 pm
Location: Holstebro, Denmark

API denying could solve it?

Post by henning » Thu Sep 20, 2007 8:30 am

I have had severe problems with spam too, but then I denied comments via API, and that solved the problem.
The SpamBlock-plugin has to be installed.

chickens
Regular
Posts: 192
Joined: Wed Dec 06, 2006 12:15 am
Location: Vegas

Post by chickens » Thu Sep 20, 2007 8:55 am

I was getting a ton of spam for a long while, until I enabled Akismet in the spamblock plugin. You need to get an API key, but all you need to do is sign up for a free wordpress account. I already had one from when I first set up my site (used wordpress). Then I put the API key into s9y, and I have to clean up maybe one spam a month at this point.

jbq
Regular
Posts: 5
Joined: Sun Oct 28, 2007 12:59 pm

Post by jbq » Sun Oct 28, 2007 3:29 pm

I'm not experiencing a spam attack, but I'd like to shut down comments temporarily as my server is in maintenance and I'd like to allow read access but deny write access until the task is completed. It would be great to add that option.

WDYT?

garvinhicking
Core Developer
Posts: 30020
Joined: Tue Sep 16, 2003 9:45 pm
Location: Cologne, Germany

Post by garvinhicking » Mon Oct 29, 2007 12:14 pm

Hi!

You can install the spamblock plugin, it has an "emergency shutdown" mode for comments!

Regards
Garvin

carl_galloway
Regular
Posts: 1331
Joined: Sun Dec 04, 2005 5:43 pm
Location: Andalucia, Spain

Post by carl_galloway » Sun Nov 11, 2007 10:13 am

I have just suffered the most extreme case of trackback spam I could imagine ever having to endure, and I need some help from those of you with more experience in this.

Basically, over the last 24 hours my site has been spammed (trackbacks and comments) on average 5-6 times per second, peaking at 30 times per second. My spamblock plugin now probably lists every single medication known to man, and I've had to completely disable api comments again.

How do I completely disable trackbacks so that they don't even get processed? The server has taken a lot of load from this and is still doing so, and my blog is on a shared account.

garvinhicking
Core Developer
Posts: 30020
Joined: Tue Sep 16, 2003 9:45 pm
Location: Cologne, Germany

Post by garvinhicking » Sun Nov 11, 2007 2:27 pm

Hi Carl!

The FAQ suggests patching your comment.php file and inserting

Code:

if ($_REQUEST['type'] == 'trackback') {
  die('Disabled');
}


(or plural, please look it up).

HTH,
Garvin

carl_galloway
Regular
Posts: 1331
Joined: Sun Dec 04, 2005 5:43 pm
Location: Andalucia, Spain

Post by carl_galloway » Sun Nov 11, 2007 2:28 pm

thank you, thank you, thank you

8)
