homepage Welcome to WebmasterWorld Guest from 54.81.170.186
register, free tools, login, search, subscribe, help, library, announcements, recent posts, open posts,
Subscribe to WebmasterWorld

Home / Forums Index / WebmasterWorld / Webmaster General
Forum Library, Charter, Moderators: phranque & physics

Webmaster General Forum

    
Comment SPAM from my own IP
Weird type of SPAM
shigamoto




msg:3472581
 10:07 am on Oct 9, 2007 (gmt 0)

Hi all,

I'm having big problems with comment SPAM on my website using a famous content management system. We have been taking a lot of measures to prevent it using captchas, htaccess blocking, disallowing certain words, disallowing certain domains and countries.

It solved much of the SPAM but now it has been coming back, so I implemented a user registration feature. It killed it for a while. Last night when I was checking my logs I once again discovered a lot of SPAM, the problem was that my IP was stated as the source of the SPAM.

So I thought that someone actually breached all of my security features and was spamming from my IP. However I have gone through logs and I find that very unlikely. My Wireless network is secured with WPA encryption with a strong password, I have a NAT-firewall (and software firewalls on all computers) and anti-virus software.

My thinking is that the SPAMer somehow injects SQL statements into the comment script. The code might say to route the source back to the administrators IP which would be mine. Is this a resonable explanation? I'm actually thinking about changing CMS system to prevent these kind of SPAM-attacks, is there any other solution?

Thanks!

 

kwngian




msg:3472746
 2:24 pm on Oct 9, 2007 (gmt 0)

I use the blacklist from project honeypot which filters the comment spams quite accurately.

encyclo




msg:3473016
 6:54 pm on Oct 9, 2007 (gmt 0)

Your local IP address, or the server's IP address? Either way, it's bad news. Is your CMS updated to the latest version?

bill




msg:3473418
 3:51 am on Oct 10, 2007 (gmt 0)

I second Project Honeypot. Also take a look at Akismet. It works with about 20 other CMSs aside from WordPress.

And as encyclo suggested, make sure you're running the latest version of your CMS package. If you've missed a critical update along the way it's possible you're the victim of an exploit.

Global Options:
 top home search open messages active posts  
 

Home / Forums Index / WebmasterWorld / Webmaster General
rss feed

All trademarks and copyrights held by respective owners. Member comments are owned by the poster.
Terms of Service ¦ Privacy Policy ¦ Report Problem ¦ About
© Webmaster World 1996-2014 all rights reserved