homepage Welcome to WebmasterWorld Guest from 54.147.248.118
register, free tools, login, search, pro membership, help, library, announcements, recent posts, open posts,
Become a Pro Member

Home / Forums Index / WebmasterWorld / Webmaster General
Forum Library, Charter, Moderators: phranque

Webmaster General Forum

    
Comment SPAM from my own IP
Weird type of SPAM
shigamoto

10+ Year Member



 
Msg#: 3472579 posted 10:07 am on Oct 9, 2007 (gmt 0)

Hi all,

I'm having big problems with comment SPAM on my website using a famous content management system. We have been taking a lot of measures to prevent it using captchas, htaccess blocking, disallowing certain words, disallowing certain domains and countries.

It solved much of the SPAM but now it has been coming back, so I implemented a user registration feature. It killed it for a while. Last night when I was checking my logs I once again discovered a lot of SPAM, the problem was that my IP was stated as the source of the SPAM.

So I thought that someone actually breached all of my security features and was spamming from my IP. However I have gone through logs and I find that very unlikely. My Wireless network is secured with WPA encryption with a strong password, I have a NAT-firewall (and software firewalls on all computers) and anti-virus software.

My thinking is that the SPAMer somehow injects SQL statements into the comment script. The code might say to route the source back to the administrators IP which would be mine. Is this a resonable explanation? I'm actually thinking about changing CMS system to prevent these kind of SPAM-attacks, is there any other solution?

Thanks!

 

kwngian

10+ Year Member



 
Msg#: 3472579 posted 2:24 pm on Oct 9, 2007 (gmt 0)

I use the blacklist from project honeypot which filters the comment spams quite accurately.

encyclo

WebmasterWorld Senior Member encyclo us a WebmasterWorld Top Contributor of All Time 10+ Year Member



 
Msg#: 3472579 posted 6:54 pm on Oct 9, 2007 (gmt 0)

Your local IP address, or the server's IP address? Either way, it's bad news. Is your CMS updated to the latest version?

bill

WebmasterWorld Administrator bill us a WebmasterWorld Top Contributor of All Time 10+ Year Member



 
Msg#: 3472579 posted 3:51 am on Oct 10, 2007 (gmt 0)

I second Project Honeypot. Also take a look at Akismet. It works with about 20 other CMSs aside from WordPress.

And as encyclo suggested, make sure you're running the latest version of your CMS package. If you've missed a critical update along the way it's possible you're the victim of an exploit.

Global Options:
 top home search open messages active posts  
 

Home / Forums Index / WebmasterWorld / Webmaster General
rss feed

All trademarks and copyrights held by respective owners. Member comments are owned by the poster.
Home ¦ Free Tools ¦ Terms of Service ¦ Privacy Policy ¦ Report Problem ¦ About ¦ Library ¦ Newsletter
WebmasterWorld is a Developer Shed Community owned by Jim Boykin.
© Webmaster World 1996-2014 all rights reserved