Welcome to WebmasterWorld Guest from 54.242.134.77

Forum Moderators: phranque

Message Too Old, No Replies

Comment SPAM from my own IP

Weird type of SPAM

     

shigamoto

10:07 am on Oct 9, 2007 (gmt 0)

10+ Year Member



Hi all,

I'm having big problems with comment SPAM on my website using a famous content management system. We have been taking a lot of measures to prevent it using captchas, htaccess blocking, disallowing certain words, disallowing certain domains and countries.

It solved much of the SPAM but now it has been coming back, so I implemented a user registration feature. It killed it for a while. Last night when I was checking my logs I once again discovered a lot of SPAM, the problem was that my IP was stated as the source of the SPAM.

So I thought that someone actually breached all of my security features and was spamming from my IP. However I have gone through logs and I find that very unlikely. My Wireless network is secured with WPA encryption with a strong password, I have a NAT-firewall (and software firewalls on all computers) and anti-virus software.

My thinking is that the SPAMer somehow injects SQL statements into the comment script. The code might say to route the source back to the administrators IP which would be mine. Is this a resonable explanation? I'm actually thinking about changing CMS system to prevent these kind of SPAM-attacks, is there any other solution?

Thanks!

kwngian

2:24 pm on Oct 9, 2007 (gmt 0)

10+ Year Member



I use the blacklist from project honeypot which filters the comment spams quite accurately.

encyclo

6:54 pm on Oct 9, 2007 (gmt 0)

WebmasterWorld Senior Member encyclo is a WebmasterWorld Top Contributor of All Time 10+ Year Member



Your local IP address, or the server's IP address? Either way, it's bad news. Is your CMS updated to the latest version?

bill

3:51 am on Oct 10, 2007 (gmt 0)

WebmasterWorld Administrator bill is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month



I second Project Honeypot. Also take a look at Akismet. It works with about 20 other CMSs aside from WordPress.

And as encyclo suggested, make sure you're running the latest version of your CMS package. If you've missed a critical update along the way it's possible you're the victim of an exploit.

 

Featured Threads

Hot Threads This Week

Hot Threads This Month