355 Spam posts in one evening

MapleDots



Was horrified to see 355 spam posts caught in various stages of our spam filters.

All but three of them originated from India-based IP addresses.

It's high time that India does something about this because it's out of control.

The only real answer I have for this is to ban IPs from India registering but that would affect legitimate users as well.

All part of running a public website I guess :eek:
 
Again, the spam hitting the contact form and registration form totaled in the hundreds last night and the night before. In both cases only one registration per night got through our security protocols.

That said, when I look at the logs there are thousands of hits from two countries that clog up all my stats and resources. I am currently at the end of my monthly uses and have to upgrade server resources at significant monthly expense.

I am first going to IP ban all activity from Russia to eliminate thousands of spam attempts.

Unfortunately this may impact about 5 active members from India and I will attempt to whitelist their IPs.

In the long run I will probably be adding additional countries to the ban list, but I don't see that being too problematic given we are highly specialized in .ca. I know we list other extensions too but that is mostly for the convenience of our members and not necessarily meant to attract users from other countries.

Looking at it from a usability side I think keeping our group small and tight, highly focused on .ca will make/keep the forum more conducive to its users.
 
What I do is record failed reCAPTCHA submissions into one logfile, and passed reCAPTCHA submissions into another log file. That's done on the PHP/form side. Then I run a script to count up how many failures by IP, and from which countries. The script will blacklist IP addresses that pass whatever thresholds I set, using iptables. That'll make sure the server resources are not used as it just completely ignores those incoming connections. It's not unusual to find a single IP making thousands of attempts.

I have another version too for tracking IPs that are trying to log into my server - failed attempt gets your IP banned. But the ban is timestamped and released after a pre-defined time period.

There is probably software out there to do that too, but I first started doing it like 20 years ago, so I just stuck with rolling my own.
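The count-and-block approach described in the post above, with the timed release from its second paragraph, as an added example that is not the poster's own script. The log format, function names, thresholds and sample addresses are assumptions made for illustration.

```python
import ipaddress
from collections import Counter
from datetime import datetime, timedelta

# Constructed sample log of failed reCAPTCHA submissions; "<ISO time> <IP>" format is assumed.
SAMPLE_LOG = """\
2024-05-01T21:00:01 203.0.113.7
2024-05-01T21:10:02 203.0.113.7
2024-05-01T21:20:03 203.0.113.7
2024-05-01T21:30:04 192.0.2.44
2024-05-01T21:31:05 192.0.2.44
2024-05-01T21:32:06 192.0.2.44
2024-05-01T21:40:07 203.0.113.9; reboot
2024-05-01T12:00:00 198.51.100.20
"""

def count_failures(log_text, now, window):
    """Count failures per IPv4 address inside the look-back window."""
    counts = Counter()
    for line in log_text.splitlines():
        try:
            stamp, addr = line.split(maxsplit=1)
            when = datetime.fromisoformat(stamp)
            # Strict parse so log content can never reach the iptables argv;
            # IPv6 sources would need ip6tables and are skipped here.
            ip = ipaddress.IPv4Address(addr.strip())
        except ValueError:
            continue  # malformed or hostile line
        if timedelta(0) <= now - when <= window:
            counts[str(ip)] += 1
    return counts

def plan_bans(counts, threshold, allowlist, banned):
    """iptables argv lists for IPs at or over threshold, minus allowlisted/already banned."""
    return [["iptables", "-I", "INPUT", "-s", ip, "-j", "DROP"]
            for ip, n in sorted(counts.items())
            if n >= threshold and ip not in allowlist and ip not in banned]

def plan_releases(banned, now, ttl):
    """Commands lifting bans older than ttl; banned maps IP -> time the ban was added."""
    return [["iptables", "-D", "INPUT", "-s", ip, "-j", "DROP"]
            for ip, since in sorted(banned.items()) if now - since >= ttl]

if __name__ == "__main__":
    now = datetime(2024, 5, 1, 22, 0, 0)
    counts = count_failures(SAMPLE_LOG, now, timedelta(hours=1))
    for argv in plan_bans(counts, 3, {"192.0.2.44"}, {}):
        print(" ".join(argv))  # printed for review, not executed
```

The commands are returned as argument lists so they can be reviewed or passed to a process runner without a shell; the allowlist is checked before any ban is planned, which keeps known members reachable.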
 
Yeah, I get you

I just purchased three pieces of software.

One checks to see if you are a bot trying to sign up and it sends you in loops. It is 100% effective against bots for fake registrations.

The other one prevents you from logging in should your IP be logged on a list of nefarious IP addresses. Please note that now includes a lot of proxy services so if you are using a VPN you may not be able to log in. That list gets updated daily and I can safelist a proxy.

The other place I get hundreds of spam is the yellow contact us link at the bottom of the page. It is required in case someone cannot login and reCaptcha has zero effect, the bots get right through. Again I now have custom software that sends the bots into loops.
 
