Welcome to Geeklog, Anonymous Sunday, December 22 2024 @ 12:48 am EST
Geeklog Forums
Spam-related question about latest GL version.
Status: offline
Don
Forum User
Full Member
Registered: 06/09/04
Posts: 153
This morning, my GL site was bombarded with a massive spam attack - to the point that it completely bolloxed the server and forced the hosting company to throttle back my SQL access.
I tried posting a bit of the code earlier to show what was in my error log, but it was detected as spam and the post was deleted. In fact, I won't know until I post this whether or not I've been banned from posting here, but we'll see.
At this point, my site is down and I don't know what havoc has been visited upon my database, and I won't know what's up until my site is migrated to a new server.
My question is this: are the anti-spam measures in the new GL release enought to prevent this from happening in the future, or at least decrease the chances?
I actually downloaded the latest version last night and was planning on installing it today after work. Timing is everything, I guess.
- Don
I tried posting a bit of the code earlier to show what was in my error log, but it was detected as spam and the post was deleted. In fact, I won't know until I post this whether or not I've been banned from posting here, but we'll see.
At this point, my site is down and I don't know what havoc has been visited upon my database, and I won't know what's up until my site is migrated to a new server.
My question is this: are the anti-spam measures in the new GL release enought to prevent this from happening in the future, or at least decrease the chances?
I actually downloaded the latest version last night and was planning on installing it today after work. Timing is everything, I guess.
- Don
9
10
Quote
Status: offline
Dirk
Site Admin
Admin
Registered: 01/12/02
Posts: 13073
Location:Stuttgart, Germany
Seems I unblocked your IP address just in time for you to try again. We're using Bad Behavior and its Spam-X module here on the site, which means that any IP adress that has been found to post spam will then be blocked by Bad Behavior. So don't try and post samples of the spam you got here as it will most likely be regarded as such ...
The error.log entries you tried to post were timeout messages for SLV. It seems their server is pretty busy theses days, so SLV often times out and that is then logged in error.log. It also means that those posts have not been analyzed by SLV.
To answer your question: Massive spam runs that bring down your database is not something that Geeklog's spam protection will be able to prevent. That's pretty much the same as a Denial-of-Service attack - at some point, it's just too much.
The Bad Behavior method mentioned above will help a little bit in these cases, but since it will still do some database requests, that will probably not help if you're really under heavy fire.
If the spam is only coming from a limited amount of IP addresses, you can try blocking those in a .htaccess (assuming you're on an Apache webserver). The same goes if their HTTP requests are somehow unique, e.g. using a certain User Agent string. But again, there's a point where even that won't help.
Usually, only your hosting service will really be able to block massive attacks (spam or otherwise).
bye, Dirk
The error.log entries you tried to post were timeout messages for SLV. It seems their server is pretty busy theses days, so SLV often times out and that is then logged in error.log. It also means that those posts have not been analyzed by SLV.
To answer your question: Massive spam runs that bring down your database is not something that Geeklog's spam protection will be able to prevent. That's pretty much the same as a Denial-of-Service attack - at some point, it's just too much.
The Bad Behavior method mentioned above will help a little bit in these cases, but since it will still do some database requests, that will probably not help if you're really under heavy fire.
If the spam is only coming from a limited amount of IP addresses, you can try blocking those in a .htaccess (assuming you're on an Apache webserver). The same goes if their HTTP requests are somehow unique, e.g. using a certain User Agent string. But again, there's a point where even that won't help.
Usually, only your hosting service will really be able to block massive attacks (spam or otherwise).
bye, Dirk
11
15
Quote
Status: offline
Don
Forum User
Full Member
Registered: 06/09/04
Posts: 153
Thanks for the quick reply, Dirk. And thanks for unblocking me - my luck that you were online.
I was using Bad Behaviour on my old hosting site, but stopped when I changed hosts (although the old Spam-X is still installed presently). Is Bad Behaviour included as part of the new version? I'm assuming the latest Spam-X is in there.
And Happy New Year, and congrats on the new release!
- Don
I was using Bad Behaviour on my old hosting site, but stopped when I changed hosts (although the old Spam-X is still installed presently). Is Bad Behaviour included as part of the new version? I'm assuming the latest Spam-X is in there.
And Happy New Year, and congrats on the new release!
- Don
13
11
Quote
All times are EST. The time is now 12:48 am.
- Normal Topic
- Sticky Topic
- Locked Topic
- New Post
- Sticky Topic W/ New Post
- Locked Topic W/ New Post
- View Anonymous Posts
- Able to post
- Filtered HTML Allowed
- Censored Content