Welcome to Geeklog, Anonymous Wednesday, December 25 2024 @ 09:37 am EST

News

Geeklog 1.3.11sr2

  • Sunday, October 09 2005 @ 04:55 am EDT
  • Contributed by:
  • Views: 14,141
Security

Since the development of Geeklog 1.3.12 takes much longer than anticipated, we thought we'd make some of the security enhancements and improved spam protection we developed for 1.3.12 available to users of Geeklog 1.3.11. We also threw in a few bugfixes.

  • Added a login speed limit, kicking in after 3 failed login attempts (configurable in config.php).
  • Filter linefeeds from the To:, From:, and Subject: fields of any email sent through COM_mail.
  • Checks for spam are now done for comments, story, link, and event submissions, the message sent with the "email story to a friend" option, and for the contents of the user profile.
  • Spammers get a 403 HTTP response code now and have to wait for the submission speed limit to expire.
  • Spam-X plugin 1.0.2 included (with the default URL for MT-Blacklist changed to geeklog.net, due to MT-Blacklist being discontinued).

Bugfixes include a fix for a problem with PHP 5.0.5, better handling of special characters in email addresses, a fix for the staticpage: autotag throwing an SQL error, updated kses filter, and a few more.

See the list of changes for more information.

As usual, we provide an upgrade from 1.3.11sr1 and a complete 1.3.11sr2 tarball.

MT-Blacklist discontinued

  • Thursday, October 06 2005 @ 01:09 pm EDT
  • Contributed by:
  • Views: 27,208
Spam

As you may have noticed when trying to update MT-Blacklist from the Spam-X plugin recently, the blacklist hasn't been updated in a while and has now even started to throw error messages. The reason is that Jay Allen has discontinued MT-Blacklist.

We would like to thank Jay for his work on MT-Blacklist and hope that his assessment that MT-Blacklist is no longer needed proves to be correct.

As a temporary measure, the last complete MT-Blacklist is available here on geeklog.net. So if you set up a new Geeklog site, open up the Spam-X config.php file (/path/to/geeklog/plugins/spamx/config.php) and update the URL for the initial import to read:

// Entire MT-Blacklist (for inital import)
$_SPX_CONF['mtblacklist_url'] = 'http://www.geeklog.net/backend/blacklist.txt';

Please note that there will be no updates, so if you already did the initial import, clicking on "Update MT-Blacklist" won't do anything (other than throwing an error message ...).

We will be looking into providing other means of spam protection for Geeklog in future releases. In the meantime, the last version of MT-Blacklist should provide some sort of protection for the time being. We suggest that you check your site for new comments / posts on a regular basis and feed your personal blacklist with any URLs and keywords of spam that you may encounter.

And if you haven't already done so, upgrade to Spam-X 1.0.2, which includes some new spam filtering modules.

Spam-X plugin 1.0.2

  • Sunday, August 21 2005 @ 12:20 pm EDT
  • Contributed by:
  • Views: 12,569
Spam

The Spam-X plugin 1.0.2 is now available for download. This release fixes a few bugs, includes new modules and also implements the necessary name change.

  • Fixed MassDelete module
  • New module to filter spam posts by IP address
  • New module to filter spam posts by the IP address of the spamvertized domain
  • New module to filter spam posts by characteristics of the HTTP header

The tarball also includes an updated submit.php which now filters story, link, and event submissions for spam.

This release is compatible with Geeklog 1.3.10, 1.3.11, and 1.3.11sr1. If you're running the current CVS version (1.3.12cvs), please do not install this plugin but continue to use the CVS version.

Page navigation