Comment Spam

Random stuff about serendipity. Discussion, Questions, Paraphernalia.
terrym2442
Regular
Posts: 5
Joined: Mon Apr 11, 2005 1:49 am
Contact:

Comment Spam

Post by terrym2442 »

Hi,

For weeks now, I've been bombarded by Comment Spam (I've set admin to moderate so it doesn't get posted), but as there are nearly 100/day, it is getting too time consuming to manually delete them. I don't want to set it to prevent comments, as I want the "real" stuff to get through.

Is there any way to stop this? The email addresses are often the same, but their IP changes each time. Help!

Terry
www.addconsults.com
www.myADDstore.com

'simply everything you need for your AD/HD'
garvinhicking
Core Developer
Posts: 30022
Joined: Tue Sep 16, 2003 9:45 pm
Location: Cologne, Germany
Contact:

Re: Comment Spam

Post by garvinhicking »

Hi!

You could set your spamblock configuration to "Reject" instead of "Moderate" for textfiltered comments and then enter the email addresses to block in the spamblock config?

Regards,
Garvin
# Garvin Hicking (s9y Developer)
# Did I help you? Consider making me happy: http://wishes.garv.in/
# or use my PayPal account "paypal {at} supergarv (dot) de"
# My "other" hobby: http://flickr.garv.in/

Post by terrym2442 »

Garvin,

Thanks for your tips. Why can't I find this configuration in my control panel?? You'd think I'd remember where I set it up for moderate status, but I sure can't find it now. Arghh!

Post by garvinhicking »

Just go to Plugin Configuration > Event plugins: Spamblock and click on that plugin to configure it.

Regards,
Garvin

Post by terrym2442 »

Hi Garvin,

Strange...that's where I am.
I see this: "Reject comments from RBL-listed hosts" and have that checked, and this: "Force comment moderation after how many days", which I have set to 30. I don't see any fields to enter email addresses, just IPs.

The spam is pouring in for weeks and though much of it is from one address, there are almost just as many from other addresses as well.

Terry

Post by garvinhicking »

What s9y version are you using? Depending on that you have different options in the plugin.

Best thing would be to create a screenshot and show it to us. Or if you know that you're not running serendipity 0.9.1 at least, you should upgrade.

Regards,
Garvin

Post by terrym2442 »

Garvin,

I am running v.0.7.1 . Will upgrading help with this spam problem? I just deleted over 300 just from the last few days, alone.

Terry

Post by garvinhicking »

Upgrading from 0.7.1 will not only help with your spam problem, but also fix serious security issues that Serendipity prior to 0.8.5 has. Your current installation is very attackable.

Best regards,
Garvin

Post by terrym2442 »

Garvin,

Thanks for the advice. I will ask my webmaster to do just that. It really has been awful to deal with.

Thanks,
Terry
cjbyron
Posts: 4
Joined: Wed Apr 05, 2006 7:40 pm

Post by cjbyron »

I just had over 900+ comments that went through the comments.php and used "bcc" to spam thousands of addresses off the server.

I've totally disabled comments. The comment.php is allowing bcc to be used.

ex:

Email: ShedThatFatToday Content-Type: multipart/alternative; boundary=f7c11fb6fe5db4c5697dc6aee2d6e11e MIME-Version: 1.0 From: ShedThatFatToday@team.com Subject: Do you look your best? bcc: carolbacon@ao

So they are using that to send spam from the server that the comments.php resides on. This bogged down my server for 6 hours until I stopped it due to over 250,000 bounces in the queue!

Just an fyi on this topic.

Cj
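A defender-side check for the mail header injection cjbyron describes above, as an added example that is not Serendipity's own code: a comment form's email field must never carry CR/LF or header tokens into a mail() header. The function names and the constructed sample inputs are assumptions.

```php
<?php
// Added example (not Serendipity's comment.php): validate the commenter's email
// before it can reach any mail header. Assumed names: is_header_injection(),
// safe_comment_email(), moderation_headers().

function is_header_injection(string $value): bool {
    // A CR, LF or NUL inside a single header value terminates that header and
    // lets the rest of the input become new headers (e.g. an injected bcc:).
    if (preg_match('/[\r\n\0]/', $value)) {
        return true;
    }
    // Header-like tokens inside an address field are a strong signal too,
    // even if line breaks were stripped or encoded somewhere upstream.
    return (bool) preg_match('/\b(bcc|cc|to|content-type|mime-version)\s*:/i', $value);
}

function safe_comment_email(string $value): ?string {
    $value = trim($value);
    if (is_header_injection($value)) {
        return null;
    }
    // filter_var accepts exactly one RFC-style address: no spaces, no extra headers.
    $valid = filter_var($value, FILTER_VALIDATE_EMAIL);
    return $valid === false ? null : $valid;
}

// When notifying the moderator, keep user input out of the headers entirely:
// fixed From:, fixed Content-Type:, and the commenter's address in the body.
function moderation_headers(string $siteFrom): string {
    return "From: {$siteFrom}\r\nContent-Type: text/plain; charset=UTF-8\r\n";
}

// Constructed samples modelled on the thread's report (not real addresses).
$samples = [
    'reader@example.org',
    "ShedThatFatToday\r\nContent-Type: multipart/alternative\r\nbcc: victim@example.net",
    'ShedThatFatToday Content-Type: text/plain bcc: victim@example.net',
];
foreach ($samples as $s) {
    $ok = safe_comment_email($s);
    printf("%-45s => %s\n", addcslashes(substr($s, 0, 45), "\r\n"), $ok ?? 'REJECTED');
}
```

Only the first sample is accepted; the two injection attempts are rejected before mail() is ever called, which is the point at which a 0.7.1-era comment script let the bcc through.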

Post by garvinhicking »

cjbyron: Which s9y version are you using? This should not happen on a 0.9.1 or 1.0 version...

Regards,
Garvin

Post by cjbyron »

Says: You are running Serendipity v.0.7.1

Post by garvinhicking »

Wow, that is hugely outdated, and there is at least one other security issue with XML-RPC.

You should follow the news / release announcements of any software you are using, and at least subscribe to our "Security" RSS feed.

In any case, nobody should run Serendipity prior to 0.8.5 any more. Actually nobody should be running any Blog software older than one year because of the XML-RPC security issue last year.

Regards,
Garvin

Post by cjbyron »

Yeah, good advice. Unfortunately I'm a busy person.

So is there an update that can easily upgrade it to the current version without too many problems?

Thanks!

Post by garvinhicking »

Hi!

Yes, I'm really sorry for that - but the Serendipity people sadly have no control over everyone's server, so it's their responsibility to upgrade - we try to publicize bugs as soon and as broadly as possible. Sadly in the past 1-2 years, many web applications were subject to spammer and cracker attacks, so the hacking attempts resulted in some security flaws being detected in many applications. If your server is running any other software than just Serendipity, you should look if that software also needs upgrading! phpBB is also an application that is very often affected.

Anyways: Yes, you can easily upgrade Serendipity. First of all, make a backup of your files and SQL database - that's always good to have. Then follow the steps in our FAQ: http://www.s9y.org/11.html#A19 ("How Do I Upgrade Serendipity"). It's all very easy and usually only a matter of 2 minutes.

In Serendipity 0.8 a new template mechanism was introduced; old themes should still work, but it's recommended to switch to a new template. Detailed steps for the upgrade from 0.7 are here: http://www.s9y.org/63.html#A14

0.7.1 is from December 2004, so in the past 1.5 years many things have changed. That's why depending on your modifications you need to read a lot of update notes. But many users have done the upgrade from 0.7 to 1.0 without any problems.

Best regards,
Garvin