Geeklog Forums

Profile link


ironmax

Anonymous
Recently I've been seeing a lot of hits to the admin profile link straight from the direct URL. Example: http://www.yoursite.com/profiles.php?uid=2 and was wondering if this is normal or is it a hacker or spammer trying to post a spam msg to the user account. I've noticed this in the GUS logs and need to know how to stop this from happening or maybe someone else has a suggestion on what to do.


tokyoahead

Anonymous
You mean that you get a hit without referrer linking to the admin page of your site?


ironmax

Anonymous
Quote by tokyoahead: you mean that you get a hit without referrer linking to the admin page of your site?



Yep... that's right... I see it in the logs all the time. Some even try to actually post, but fail because there is no return information included, as if they were not logged in.

ironmax

Anonymous
Any ideas why this is happening? And how I can get it to stop?

tokyoahead

Anonymous
Did you install the Bad Behavior plugin?

ironmax

Anonymous
Ohh, I have it all installed here... including the spamx and the new addon... but as soon as I disable the Bad Behavior, I get a lot more undesired traffic. I also know that I have had a few complaints that the plugin has stopped older IE browsers, like IE 4.0. This was confirmed with some testing with a user that wanted to connect to the system and couldn't. After they registered... I turned BB back on and now they can't get back in. But this is not that big of a deal at this moment. I am still wondering what's causing the http://www.spacequad.com/profiles.php?uid=2 referer links to show up with only one hit directly, no other pages viewed to get to it.


Dirk

Site Admin
Are you getting a lot of those or why do you think it's a problem?

It's not the first time spammers try to use web forms for spamming and not the first time they're doing automated scans. Someone may have figured out that all Geeklog sites have an email form at that URL and is now trying to abuse it. They will figure out eventually that Geeklog filters out any extra headers they're trying to send, so the form is useless for spamming.

Did you actually get any emails via that form?

bye, Dirk
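
Added example (not part of the thread, and not Geeklog or GUS code): one way to answer the question of how many clients hit the profile email form directly, with no referrer and no other page views, and how many of them also tried to POST. It assumes a web server access log in Apache "combined" format; the function name and the sample lines are constructed for illustration.

```python
import re
from collections import defaultdict

# Constructed sample lines in Apache "combined" format (not real traffic).
SAMPLE_LOG = """\
203.0.113.7 - - [10/Mar/2006:04:12:01 -0500] "GET /profiles.php?uid=2 HTTP/1.1" 200 5120 "-" "Mozilla/4.0"
203.0.113.7 - - [10/Mar/2006:04:12:03 -0500] "POST /profiles.php HTTP/1.1" 200 812 "-" "Mozilla/4.0"
198.51.100.20 - - [10/Mar/2006:09:30:10 -0500] "GET /index.php HTTP/1.1" 200 20480 "-" "Mozilla/5.0"
198.51.100.20 - - [10/Mar/2006:09:30:42 -0500] "GET /profiles.php?uid=2 HTTP/1.1" 200 5120 "http://www.example.com/index.php" "Mozilla/5.0"
192.0.2.99 - - [10/Mar/2006:11:02:55 -0500] "GET /profiles.php?uid=2 HTTP/1.1" 200 5120 "-" "-"
"""

# ip ident user [time] "METHOD path proto" status bytes "referer" "agent"
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" '
    r'\d{3} \S+ "(?P<referer>[^"]*)" "[^"]*"$'
)

def find_direct_form_hits(log_text, form_path="/profiles.php"):
    """Return {ip: {"hits": n, "posts": n}} for clients that requested
    nothing but the email form and never sent a Referer header."""
    by_ip = defaultdict(list)
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if m:  # lines that are not in combined format are skipped
            by_ip[m["ip"]].append(m)
    flagged = {}
    for ip, reqs in by_ip.items():
        # Compare the path without its query string (?uid=N).
        only_form = all(r["path"].split("?", 1)[0] == form_path for r in reqs)
        no_referer = all(r["referer"] in ("", "-") for r in reqs)
        if only_form and no_referer:
            posts = sum(1 for r in reqs if r["method"] == "POST")
            flagged[ip] = {"hits": len(reqs), "posts": posts}
    return flagged

if __name__ == "__main__":
    for ip, info in sorted(find_direct_form_hits(SAMPLE_LOG).items()):
        print(f"{ip}: {info['hits']} direct hit(s), {info['posts']} POST(s)")
```

A missing referrer on its own also occurs with bookmarks and privacy tools, so the POST count per client is the more useful signal when deciding whether the form is being probed.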