Geeklog Forums
Trackback woes
Status: offline
jmucchiello
Forum User
Full Member
Registered: 08/29/05
Posts: 985
Why doesn't the trackback table store the uid of the user who posted it? That would make it easy to ban accounts used by spammers. The profile page could then include a show all trackbacks area.
Of course I also wonder why there isn't a system feature called "Trackback.Write" that you can deny anonymous access to. That would probably eliminate 80% of my trackback spam.
Status: offline
Dirk
Site Admin
Admin
Registered: 01/12/02
Posts: 13073
Location:Stuttgart, Germany
You seem to misunderstand how trackbacks work. They are always anonymous and can not be tied to an account on your site.
Have you installed the update for lib-trackback.php yet (also included in the latest Geeklog releases)? This pretty much stops any Trackback spam.
bye, Dirk
Status: offline
jmucchiello
Forum User
Full Member
Registered: 08/29/05
Posts: 985
Quote by Dirk: You seem to misunderstand how trackbacks work. They are always anonymous and can not be tied to an account on your site.
Why? How is the world a better place because people can anonymously litter junk on my webpages? I've been using the Internet for almost 20 years and I cannot fathom the value of cross-page links having to be anonymous. There is no part of my website that allows anonymous users to change my website (short of the views counts). No voting, no comments, no story submissions. Nothing. Why would I allow anonymous users access to the what's related block?
Having just read the specification, I enjoy how bloggers have not learned from the mistakes of history. In any case, just because all this stuff is automated does not mean that GL has to display trackbacks automatically. Perhaps I'll hunt down the submission hack I saw in the hacks forum....
Quote by Dirk: Have you installed the update for lib-trackback.php yet (also included in the latest Geeklog releases)? This pretty much stops any Trackback spam.
I upgraded from 1.3.11 on 7/21 according to my filesystem. Should this change have been included in the 1.4.0sr5 tar?
Status: offline
Dirk
Site Admin
Admin
Registered: 01/12/02
Posts: 13073
Location:Stuttgart, Germany
If you don't like trackbacks, then you can always switch them off. See the documentation.
Make sure you have $_CONF['check_trackback_link'] set to 1 or 2 in your config.php. It defaults to 0, meaning no checks, unfortunately, when you don't set that option at all.
bye, Dirk
Status: offline
DubiousChrisJ
Forum User
Regular Poster
Registered: 05/10/05
Posts: 114
I have all the trackback spam settings configured according to the updated info, but I am still getting an assortment of trackbacks which go to random .info domains. Has anyone else seen this?
P.S. Although I've been blowing up the forum with questions this week, I've been running GL for a year and a half, and I still think it's the best CMS out there, period. Thanks, Dirk, you are very appreciated for all the work you do.
Luhme summa dat GL.
Status: offline
DubiousChrisJ
Forum User
Regular Poster
Registered: 05/10/05
Posts: 114
OK, I have done everything suggested for trackback spammers, including setting my speedlimit to 900. All this has done is limit the amount of trackback spam I get to 4 an hour.
Every single link is to a randomly generated prefix followed by .info, and they all redirect to my2ch.info.
How can I block *.info from ever appearing as a trackback?
Luhme summa dat GL.
Status: offline
Dirk
Site Admin
Admin
Registered: 01/12/02
Posts: 13073
Location:Stuttgart, Germany
Hmm, I would be really interested in those trackback spams. There is a way to work around the new spam check, but I somehow doubt the spammers are that desperate yet.
Can you email me some of those, please? Thanks.
bye, Dirk
Status: offline
DubiousChrisJ
Forum User
Regular Poster
Registered: 05/10/05
Posts: 114
Here's one that came in in the last five minutes
Now, they must be storing the link back somewhere in their mess to fool the validation, but remapping the return string when someone clicks the link.
Luhme summa dat GL.
Status: offline
DubiousChrisJ
Forum User
Regular Poster
Registered: 05/10/05
Posts: 114
Is there a way to add *.info to my personal SpamX blacklist?
Luhme summa dat GL.
Status: offline
DubiousChrisJ
Forum User
Regular Poster
Registered: 05/10/05
Posts: 114
OK, so adding http://.*.info to my personal SpamX blacklist finally blocked the attack. I'll just have to remember to clear the SpamX logs...
Wed 06 Sep 2006 15:01:38 EDT - Found Spam Comment matching http://.*.info posted by user 1 from IP 212.227.93.20
Wed 06 Sep 2006 15:01:38 EDT - Deleted Spam Comment
Wed 06 Sep 2006 15:02:59 EDT - Found Spam Comment matching http://.*.info posted by user 1 from IP 222.124.24.117
Wed 06 Sep 2006 15:02:59 EDT - Deleted Spam Comment
Wed 06 Sep 2006 15:04:37 EDT - Found Spam Comment matching http://.*.info posted by user 1 from IP 129.41.250.20
Wed 06 Sep 2006 15:04:37 EDT - Deleted Spam Comment
Wed 06 Sep 2006 15:05:41 EDT - Found Spam Comment matching http://.*.info posted by user 1 from IP 129.41.250.20
Wed 06 Sep 2006 15:05:41 EDT - Deleted Spam Comment
Wed 06 Sep 2006 15:06:40 EDT - Found Spam Comment matching http://.*.info posted by user 1 from IP 59.165.163.21
Wed 06 Sep 2006 15:06:40 EDT - Deleted Spam Comment
Wed 06 Sep 2006 15:07:54 EDT - Found Spam Comment matching http://.*.info posted by user 1 from IP 198.70.193.250
Wed 06 Sep 2006 15:07:54 EDT - Deleted Spam Comment
Wed 06 Sep 2006 15:11:57 EDT - Found Spam Comment matching http://.*.info posted by user 1 from IP 61.60.91.61
Wed 06 Sep 2006 15:11:57 EDT - Deleted Spam Comment
Wed 06 Sep 2006 15:13:12 EDT - Found Spam Comment matching http://.*.info posted by user 1 from IP 88.39.135.90
Wed 06 Sep 2006 15:13:12 EDT - Deleted Spam Comment
Wed 06 Sep 2006 15:13:48 EDT - Found Spam Comment matching http://.*.info posted by user 1 from IP 200.216.215.110
Wed 06 Sep 2006 15:13:48 EDT - Deleted Spam Comment
Wed 06 Sep 2006 15:13:56 EDT - Found Spam Comment matching http://.*.info posted by user 1 from IP 213.147.3.80
Wed 06 Sep 2006 15:13:56 EDT - Deleted Spam Comment
Wed 06 Sep 2006 15:14:55 EDT - Found Spam Comment matching http://.*.info posted by user 1 from IP 129.41.250.20
Wed 06 Sep 2006 15:14:55 EDT - Deleted Spam Comment
Wed 06 Sep 2006 15:15:39 EDT - Found Spam Comment matching http://.*.info posted by user 1 from IP 61.60.91.61
Wed 06 Sep 2006 15:15:39 EDT - Deleted Spam Comment
Wed 06 Sep 2006 15:17:28 EDT - Found Spam Comment matching http://.*.info posted by user 1 from IP 62.7.244.103
Wed 06 Sep 2006 15:17:28 EDT - Deleted Spam Comment
Wed 06 Sep 2006 15:17:46 EDT - Found Spam Comment matching http://.*.info posted by user 1 from IP 200.216.215.110
Wed 06 Sep 2006 15:17:46 EDT - Deleted Spam Comment
Wed 06 Sep 2006 15:18:35 EDT - Found Spam Comment matching http://.*.info posted by user 1 from IP 61.60.91.61
Wed 06 Sep 2006 15:18:35 EDT - Deleted Spam Comment
Wed 06 Sep 2006 15:18:38 EDT - Found Spam Comment matching http://.*.info posted by user 1 from IP 200.216.215.110
Wed 06 Sep 2006 15:18:38 EDT - Deleted Spam Comment
Wed 06 Sep 2006 15:18:53 EDT - Found Spam Comment matching http://.*.info posted by user 1 from IP 81.208.95.27
Wed 06 Sep 2006 15:18:53 EDT - Deleted Spam Comment
Wed 06 Sep 2006 15:19:23 EDT - Found Spam Comment matching http://.*.info posted by user 1 from IP 61.60.91.61
Wed 06 Sep 2006 15:19:23 EDT - Deleted Spam Comment
Wed 06 Sep 2006 15:20:25 EDT - Found Spam Comment matching http://.*.info posted by user 1 from IP 59.165.163.21
Wed 06 Sep 2006 15:20:25 EDT - Deleted Spam Comment
Wed 06 Sep 2006 15:20:37 EDT - Found Spam Comment matching http://.*.info posted by user 1 from IP 81.208.95.27
Wed 06 Sep 2006 15:20:37 EDT - Deleted Spam Comment
Wed 06 Sep 2006 15:20:41 EDT - Found Spam Comment matching http://.*.info posted by user 1 from IP 200.216.215.110
Wed 06 Sep 2006 15:20:41 EDT - Deleted Spam Comment
Wed 06 Sep 2006 15:21:36 EDT - Found Spam Comment matching http://.*.info posted by user 1 from IP 88.39.135.90
Wed 06 Sep 2006 15:21:36 EDT - Deleted Spam Comment
Luhme summa dat GL.
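An added example (not part of the original post, and not SpamX's own code): it runs the blacklist entry from the post above against a few constructed trackback texts, next to a tightened pattern. It assumes the entry is searched as a case-insensitive regular expression anywhere in the submitted text; Python's `re` stands in for the plugin's matcher, and `STRICT`, the helper names and the sample hosts are illustrative.

```python
import re

# Entry exactly as posted in the thread: the dots are unescaped, so each one
# matches any character, and nothing ties ".info" to the host part of the URL.
LOOSE = r"http://.*.info"
# Tightened alternative (added here): literal ".info" must end the host,
# i.e. be followed by / : ? # whitespace or end of text; also covers https.
STRICT = r"https?://[^/\s?#]*\.info(?=[/:?#\s]|$)"

# Constructed sample trackback texts: (label, text, links_to_info_host)
SAMPLES = [
    ("http .info host", "Great read: http://random-prefix.info/ thanks", True),
    ("https .info host", "https://random-prefix.info", True),
    ("'information' in path", "http://example.com/more-information/", False),
    ("'info' later in sentence", "See http://example.org/blog for more info", False),
    ("'info' as subdomain label", "http://foo.info.example.com/", False),
]


def hits(pattern, text):
    """True if the pattern is found anywhere in the text, ignoring case."""
    return re.search(pattern, text, re.IGNORECASE) is not None


def evaluate(pattern, samples=SAMPLES):
    """Return (false_positives, misses) as lists of sample labels."""
    false_pos = [lbl for lbl, text, bad in samples if hits(pattern, text) and not bad]
    misses = [lbl for lbl, text, bad in samples if bad and not hits(pattern, text)]
    return false_pos, misses


if __name__ == "__main__":
    for name, pattern in (("loose", LOOSE), ("strict", STRICT)):
        false_pos, misses = evaluate(pattern)
        print(f"{name}: false positives={false_pos} misses={misses}")
```

The tightened pattern still blocks every .info host, legitimate ones included; it only stops the entry from firing on unrelated text that happens to contain "info" after a link.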
Status: offline
Dirk
Site Admin
Admin
Registered: 01/12/02
Posts: 13073
Location:Stuttgart, Germany
Apologies to DubiousChrisJ for not believing him - these spammers do indeed defeat Geeklog's new trackback check.
We've actually been hammered with those for a while, but they have successfully been blocked by Bad Behaviour. And, as mentioned in the blog post above, they all use the same user agent string of an old Firefox version:
Text Formatted Code
"Mozilla/5.0 (Windows; U; Windows NT 5.2; en-US; rv:1.7) Gecko/20040626 Firefox/0.9.1"
That's easy to block in a .htaccess, if you don't mind blocking someone who happens to still use that version (very unlikely, I would think).
Well, off to the next round ...
bye, Dirk
Status: offline
spatz4000
Forum User
Junior
Registered: 07/14/06
Posts: 25
So either require all visitors to login before they see any and all content. Or turn off trackbacks.
Quote by jmucchiello:
Having just read the specification, I enjoy how bloggers have not learned from the mistakes of history. In any case, just because all this stuff is automated does not mean that GL has to display trackbacks automatically. Perhaps I'll hunt down the submission hack I saw in the hacks forum....