Welcome to WebmasterWorld Guest from 54.196.244.206

Forum Moderators: phranque

Message Too Old, No Replies

Comment SPAM from my own IP

Weird type of SPAM

     
10:07 am on Oct 9, 2007 (gmt 0)

Full Member

10+ Year Member

joined:Aug 9, 2004
posts: 240
votes: 0


Hi all,

I'm having big problems with comment SPAM on my website using a famous content management system. We have been taking a lot of measures to prevent it using captchas, htaccess blocking, disallowing certain words, disallowing certain domains and countries.

It solved much of the SPAM but now it has been coming back, so I implemented a user registration feature. It killed it for a while. Last night when I was checking my logs I once again discovered a lot of SPAM, the problem was that my IP was stated as the source of the SPAM.

So I thought that someone actually breached all of my security features and was spamming from my IP. However I have gone through logs and I find that very unlikely. My Wireless network is secured with WPA encryption with a strong password, I have a NAT-firewall (and software firewalls on all computers) and anti-virus software.

My thinking is that the SPAMer somehow injects SQL statements into the comment script. The code might say to route the source back to the administrators IP which would be mine. Is this a resonable explanation? I'm actually thinking about changing CMS system to prevent these kind of SPAM-attacks, is there any other solution?

Thanks!

2:24 pm on Oct 9, 2007 (gmt 0)

Preferred Member

10+ Year Member

joined:Jan 9, 2003
posts:359
votes: 0


I use the blacklist from project honeypot which filters the comment spams quite accurately.
6:54 pm on Oct 9, 2007 (gmt 0)

Senior Member from CA 

WebmasterWorld Senior Member encyclo is a WebmasterWorld Top Contributor of All Time 10+ Year Member

joined:Aug 31, 2003
posts:9063
votes: 2


Your local IP address, or the server's IP address? Either way, it's bad news. Is your CMS updated to the latest version?
3:51 am on Oct 10, 2007 (gmt 0)

Administrator from JP 

WebmasterWorld Administrator bill is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:Oct 12, 2000
posts:14472
votes: 49


I second Project Honeypot. Also take a look at Akismet. It works with about 20 other CMSs aside from WordPress.

And as encyclo suggested, make sure you're running the latest version of your CMS package. If you've missed a critical update along the way it's possible you're the victim of an exploit.

 

Join The Conversation

Moderators and Top Contributors

Hot Threads This Week

Featured Threads

Free SEO Tools

Hire Expert Members