Geeklog Forums

Is there some way to make it so that I can authenticate that a poster is a human, like ask people to input a series of numbers that is written elsewhere on the page before it will actually save the comment?? If so what would be the overall gist of the code (I'm new to php and a little help with psuedocode goes a long way) It seems like our spammer keeps changing thier IP address, thereby getting around our ban. Also is it normal for the ban log to never get anything in it?? Ours remains empty even though it seems like it is stopping some unwanted traffic.

Thanks,

-Rob

I got hit with this on two seperate sites (each using GL) as well.

I to had to shut off Anymous comments, as well as setting up an .htaccess to ban the IPs (three different IPs).

What were the Ip's you banned, if you don't mind me asking??

-Rob

I got hit with this hard over the weekend. I've seen one or two here and there over the past couple of months, but this got ever post on the site. Looks like someone has written a bot that scans the site for posts and then injects the comments. The hit on my site lasted about 20 minutes and appeared to come from 6 different IP addresses, though the initial scan seems t ohave originated from a single IP.
I've since set Geekog to not allow anonymous comments, which is fine for the sites I run.
I know there is a way to set a sppedlimit for posts, can the same be done for comments? That might slow this down.
Thanks.
Elmer

You know my site has never been hit by this bot. A number of the ones I have installed have, however. The reason I think mine has been left alone is because in the language file I changed the name of Comments to Barks.

I think the script is looking for comments and leaves me alone because I do not use the default language.

Just an idea.

In config.php:

$_CONF['commentspeedlimit'] = 45;

bye, Dirk

Well I got fed up with this, so I hacked geeklog a bit. Basically if you change around COM_checkwords to return a flag if it finds what the guy is posting (I changed it to any word on my censored list)

Then change Comment.php to check for this(change in the save comment function):

This will prevent anything from posting a comment with censored words (and cramp someone's style if they try to submit a story with censored words too.) It's unfortunate but I found this may be the best way to deal with this.

-Rob

someone posted this idea as a separate thread but it has no replies yet...

There's a content-based comment/trackback spam blocking for Movable Type here. Does anyone know if it works with GL or if there is an integration?

I've been getting hit with the stupid comment spammers too.

I myself would like to know how they are getting thru in posting anonomously. I have been lucky so far as to not get such a posting from this group of bandits. Maybe its because I have things secured. If anyone wishes to take a crack at posting to my site the way that they are posting to your site (the one's that are being abused), please do so and put in the msg that you are testing for security. Click here or goto http://www.spacequad.com to make your posts.

I have had a bunch of anonymous spam links on a couple of sites. The sites have anonymous comment posting turned off and have no signed up users (I do all the publishing).

The spam I got was pointing to pharma related links hosted at 01j.com - a domain registered in Russia.

I've had this happen too. This morning I had about a hundred of them that that I had to clean up. Now I've got a patched geeklog which requires a 10 second delay between hitting 'reply to this' and hitting submit, and disallows anonymous comments with more than 2 links in them. Logged in users can still post as many links as they like. This is a much better solution than IP banning.

I've got a patch against 1.3.9. I'd like to see it incorporated into the actual geeklog distribution.

happy to say that i have missed all this . from day 1 i have not allowed an annonm. to post
but i do get people trying to dl the same file 50 times

i just put this into the httpd.conf