Posted on: 09/02/06 01:28pm
By: jmucchiello
Why doesn't the trackback table store the uid of the user who posted it? That would make it easy to ban accounts used by spammers. The profile page could then include a show all trackbacks area.
Of course I also wonder why there isn't a system feature called "Trackback.Write" that you can deny anonymous access to. That would probably eliminate 80% of my trackback spam.
Trackback woes
Posted on: 09/02/06 01:42pm
By: Dirk
You seem to misunderstand how trackbacks work. They are always anonymous and cannot be tied to an account on your site.
Have you installed the update for lib-trackback.php[*1] yet (also included in the latest Geeklog releases)? This pretty much stops any Trackback spam.
bye, Dirk
Trackback woes
Posted on: 09/02/06 03:00pm
By: jmucchiello
[QUOTE BY= Dirk] You seem to misunderstand how trackbacks work. They are always anonymous and cannot be tied to an account on your site.[/QUOTE]
Why? How is the world a better place because people can anonymously litter junk on my webpages? I've been using the Internet for almost 20 years and I cannot fathom the value of cross-page links having to be anonymous. There is no part of my website that allows anonymous users to change my website (short of the views counts). No voting, no comments, no story submissions. Nothing. Why would I allow anonymous users access to the what's related block?
Having just read the specification, I enjoy how bloggers have not learned from the mistakes of history. In any case, just because all this stuff is automated does not mean that GL has to display trackbacks automatically. Perhaps I'll hunt down the submission hack I saw in the hacks forum....
Have you installed the update for lib-trackback.php[*1] yet (also included in the latest Geeklog releases)? This pretty much stops any Trackback spam.
I upgraded from 1.3.11 on 7/21 according to my filesystem. Should this change have been included in the 1.4.0sr5 tar?
Trackback woes
Posted on: 09/02/06 03:10pm
By: Dirk
If you don't like trackbacks, then you can always switch them off. See the documentation.
[QUOTE BY= jmucchiello] I upgraded from 1.3.11 on 7/21 according to my filesystem. Should this change have been included in the 1.4.0sr5 tar?[/QUOTE]
Make sure you have $_CONF['check_trackback_link'] set to 1 or 2 in your config.php. It defaults to 0, meaning no checks, unfortunately, when you don't set that option at all.
bye, Dirk
Trackback woes
Posted on: 09/05/06 09:52pm
By: DubiousChrisJ
I have all the trackback spam settings configured according to the updated info, but I am still getting an assortment of trackbacks which go to random .info domains. Has anyone else seen this?
P.S. Although I've been blowing up the forum with questions this week, I've been running GL for a year and a half, and I still think it's the best CMS out there, period. Thanks, Dirk, you are very appreciated for all the work you do.
Trackback woes
Posted on: 09/06/06 01:35pm
By: DubiousChrisJ
OK, I have done everything suggested for trackback spammers, including setting my speedlimit to 900. All this has done is limit the amount of trackback spam I get to 4 an hour.
Every single link is to a randomly generated prefix followed by .info, and they all redirect to my2ch.info.
How can I block *.info from ever appearing as a trackback?
Trackback woes
Posted on: 09/06/06 02:02pm
By: Dirk
Hmm, I would be really interested in those trackback spams. There is a way to work around the new spam check, but I somehow doubt the spammers are that desperate yet.
Can you email me some of those, please? Thanks.
bye, Dirk
Trackback woes
Posted on: 09/06/06 02:09pm
By: DubiousChrisJ
Trackback woes
Posted on: 09/06/06 02:23pm
By: Dirk
k, got it - feel free to delete it.
bye, Dirk
Trackback woes
Posted on: 09/06/06 02:50pm
By: DubiousChrisJ
Is there a way to add *.info to my personal SpamX blacklist?
Trackback woes
Posted on: 09/06/06 03:24pm
By: DubiousChrisJ
OK, so adding http://.*.info to my personal SpamX blacklist finally blocked the attack. I'll just have to remember to clear the SpamX logs...
Wed 06 Sep 2006 15:01:38 EDT - Found Spam Comment matching http://.*.info posted by user 1 from IP 212.227.93.20
Wed 06 Sep 2006 15:01:38 EDT - Deleted Spam Comment
Wed 06 Sep 2006 15:02:59 EDT - Found Spam Comment matching http://.*.info posted by user 1 from IP 222.124.24.117
Wed 06 Sep 2006 15:02:59 EDT - Deleted Spam Comment
Wed 06 Sep 2006 15:04:37 EDT - Found Spam Comment matching http://.*.info posted by user 1 from IP 129.41.250.20
Wed 06 Sep 2006 15:04:37 EDT - Deleted Spam Comment
Wed 06 Sep 2006 15:05:41 EDT - Found Spam Comment matching http://.*.info posted by user 1 from IP 129.41.250.20
Wed 06 Sep 2006 15:05:41 EDT - Deleted Spam Comment
Wed 06 Sep 2006 15:06:40 EDT - Found Spam Comment matching http://.*.info posted by user 1 from IP 59.165.163.21
Wed 06 Sep 2006 15:06:40 EDT - Deleted Spam Comment
Wed 06 Sep 2006 15:07:54 EDT - Found Spam Comment matching http://.*.info posted by user 1 from IP 198.70.193.250
Wed 06 Sep 2006 15:07:54 EDT - Deleted Spam Comment
Wed 06 Sep 2006 15:11:57 EDT - Found Spam Comment matching http://.*.info posted by user 1 from IP 61.60.91.61
Wed 06 Sep 2006 15:11:57 EDT - Deleted Spam Comment
Wed 06 Sep 2006 15:13:12 EDT - Found Spam Comment matching http://.*.info posted by user 1 from IP 88.39.135.90
Wed 06 Sep 2006 15:13:12 EDT - Deleted Spam Comment
Wed 06 Sep 2006 15:13:48 EDT - Found Spam Comment matching http://.*.info posted by user 1 from IP 200.216.215.110
Wed 06 Sep 2006 15:13:48 EDT - Deleted Spam Comment
Wed 06 Sep 2006 15:13:56 EDT - Found Spam Comment matching http://.*.info posted by user 1 from IP 213.147.3.80
Wed 06 Sep 2006 15:13:56 EDT - Deleted Spam Comment
Wed 06 Sep 2006 15:14:55 EDT - Found Spam Comment matching http://.*.info posted by user 1 from IP 129.41.250.20
Wed 06 Sep 2006 15:14:55 EDT - Deleted Spam Comment
Wed 06 Sep 2006 15:15:39 EDT - Found Spam Comment matching http://.*.info posted by user 1 from IP 61.60.91.61
Wed 06 Sep 2006 15:15:39 EDT - Deleted Spam Comment
Wed 06 Sep 2006 15:17:28 EDT - Found Spam Comment matching http://.*.info posted by user 1 from IP 62.7.244.103
Wed 06 Sep 2006 15:17:28 EDT - Deleted Spam Comment
Wed 06 Sep 2006 15:17:46 EDT - Found Spam Comment matching http://.*.info posted by user 1 from IP 200.216.215.110
Wed 06 Sep 2006 15:17:46 EDT - Deleted Spam Comment
Wed 06 Sep 2006 15:18:35 EDT - Found Spam Comment matching http://.*.info posted by user 1 from IP 61.60.91.61
Wed 06 Sep 2006 15:18:35 EDT - Deleted Spam Comment
Wed 06 Sep 2006 15:18:38 EDT - Found Spam Comment matching http://.*.info posted by user 1 from IP 200.216.215.110
Wed 06 Sep 2006 15:18:38 EDT - Deleted Spam Comment
Wed 06 Sep 2006 15:18:53 EDT - Found Spam Comment matching http://.*.info posted by user 1 from IP 81.208.95.27
Wed 06 Sep 2006 15:18:53 EDT - Deleted Spam Comment
Wed 06 Sep 2006 15:19:23 EDT - Found Spam Comment matching http://.*.info posted by user 1 from IP 61.60.91.61
Wed 06 Sep 2006 15:19:23 EDT - Deleted Spam Comment
Wed 06 Sep 2006 15:20:25 EDT - Found Spam Comment matching http://.*.info posted by user 1 from IP 59.165.163.21
Wed 06 Sep 2006 15:20:25 EDT - Deleted Spam Comment
Wed 06 Sep 2006 15:20:37 EDT - Found Spam Comment matching http://.*.info posted by user 1 from IP 81.208.95.27
Wed 06 Sep 2006 15:20:37 EDT - Deleted Spam Comment
Wed 06 Sep 2006 15:20:41 EDT - Found Spam Comment matching http://.*.info posted by user 1 from IP 200.216.215.110
Wed 06 Sep 2006 15:20:41 EDT - Deleted Spam Comment
Wed 06 Sep 2006 15:21:36 EDT - Found Spam Comment matching http://.*.info posted by user 1 from IP 88.39.135.90
Wed 06 Sep 2006 15:21:36 EDT - Deleted Spam Comment
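An added example (not part of the original post and not SpamX's own code) showing what the blacklist entry `http://.*.info` matches when applied as an unanchored regular expression, beside a host-anchored alternative. The `TIGHT` pattern and the sample texts are constructed here, and the way the entry is applied (unanchored, case-insensitive search) is an assumption.

```python
import re

# Blacklist entry exactly as written in the post. Assumption: the filter
# runs it as an unanchored, case-insensitive regex over the submitted text.
LOOSE = re.compile(r"http://.*.info", re.IGNORECASE)

# Constructed alternative: the literal ".info" must end the host part of a
# URL, i.e. be followed by "/", ":", "?", "#", whitespace or end of text.
TIGHT = re.compile(r"https?://[^/\s?#]+\.info(?=[/:?#\s]|$)", re.IGNORECASE)


def loose_match(text):
    return LOOSE.search(text) is not None


def tight_match(text):
    return TIGHT.search(text) is not None


# Constructed sample trackback excerpts.
SAMPLES = {
    # Random prefix under .info: the case the entry was written for.
    "spam": "cheap stuff http://xkqzpt.info/page",
    # Same host over https: the literal "http://" never appears in the text.
    "spam_https": "cheap stuff https://xkqzpt.info/page",
    # The unescaped "." matches any character, so "-info" in a path matches.
    "legit_path": "see http://example.org/more-info for details",
    # ".*" runs to the end of the line, so a later word starting "info" matches.
    "legit_prose": "Posted at http://example.org/ - more information soon",
    # ".info" inside a query string, not in the host name.
    "legit_query": "http://example.org/?ref=a.info",
}


def compare():
    """Return {sample name: (loose result, tight result)}."""
    return {name: (loose_match(text), tight_match(text))
            for name, text in SAMPLES.items()}


if __name__ == "__main__":
    for name, (loose, tight) in compare().items():
        print(f"{name:12} loose={loose!s:5} tight={tight}")
```

The loose entry flags three legitimate texts and misses the https variant; the anchored pattern flags only links whose host ends in `.info`.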
Trackback woes
Posted on: 09/06/06 03:37pm
By: Dirk
Comparing some of those IP addresses with our server logs here, it looks like it's the trackback spam I was briefly talking about here[*3]. Those were all blocked by Bad Behavior, though. Maybe I should let some through, just to see how they do it ...
bye, Dirk
Trackback woes
Posted on: 09/06/06 04:02pm
By: Dirk
Apologies to DubiousChrisJ for not believing him - these spammers do indeed defeat Geeklog's new trackback check.
We've actually been hammered with those for a while, but they have successfully been blocked by Bad Behavior. And, as mentioned in the blog post above, they all use the same user agent string of an old Firefox version:
"Mozilla/5.0 (Windows; U; Windows NT 5.2; en-US; rv:1.7) Gecko/20040626 Firefox/0.9.1"
That's easy to block in a .htaccess, if you don't mind blocking someone who happens to still use that version (very unlikely, I would think).
Well, off to the next round ...
bye, Dirk
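An added example (not part of the original post and not Geeklog code) for checking, before adding the block, what an exact match on that user agent string would have rejected in an existing access log. The Apache "combined" log format, the `/trackback.php` endpoint path and the sample lines (documentation-range addresses) are assumptions constructed for the example.

```python
import re
from collections import Counter

# User agent string quoted in the post above.
SPAM_UA = ("Mozilla/5.0 (Windows; U; Windows NT 5.2; en-US; rv:1.7) "
           "Gecko/20040626 Firefox/0.9.1")

# Assumed format: ip ident user [time] "METHOD path proto" status size "referer" "ua"
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "(?P<method>\S+) (?P<path>\S+)[^"]*" '
    r'\d{3} \S+ "[^"]*" "(?P<ua>[^"]*)"$')


def ua_block_impact(lines, ua=SPAM_UA, endpoint="/trackback.php"):
    """Count the requests an exact-match block on `ua` would have rejected,
    split into trackback POSTs and everything else (possible real readers)."""
    hits, ips = Counter(), set()
    for line in lines:
        m = LINE_RE.match(line.strip())
        if not m or m["ua"] != ua:
            continue  # unparsable line or a different user agent
        is_trackback = m["method"] == "POST" and m["path"].startswith(endpoint)
        hits["trackback_posts" if is_trackback else "other_requests"] += 1
        ips.add(m["ip"])
    return {"trackback_posts": hits["trackback_posts"],
            "other_requests": hits["other_requests"],
            "distinct_ips": len(ips)}


def _line(ip, request, ua):
    # Helper that builds one constructed log line.
    return f'{ip} - - [06/Sep/2006:15:00:00 -0400] "{request}" 200 120 "-" "{ua}"'


OTHER_UA = ("Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.8.0.6) "
            "Gecko/20060728 Firefox/1.5.0.6")

# Constructed sample log, not taken from any real server.
SAMPLE_LOG = [
    _line("192.0.2.10", "POST /trackback.php?id=story1 HTTP/1.1", SPAM_UA),
    _line("198.51.100.7", "POST /trackback.php?id=story2 HTTP/1.1", SPAM_UA),
    _line("192.0.2.10", "POST /trackback.php?id=story3 HTTP/1.0", SPAM_UA),
    _line("203.0.113.5", "GET /index.php HTTP/1.1", SPAM_UA),
    _line("203.0.113.9", "GET /index.php HTTP/1.1", OTHER_UA),
]

if __name__ == "__main__":
    print(ua_block_impact(SAMPLE_LOG))
```

A non-zero `other_requests` count means the block would also turn away ordinary page views from that browser version, which is the trade-off the post mentions.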
Trackback woes
Posted on: 09/11/06 09:23am
By: spatz4000
So either require all visitors to log in before they see any and all content. Or turn off trackbacks.
[QUOTE BY= jmucchiello] [QUOTE BY= Dirk] You seem to misunderstand how trackbacks work. They are always anonymous and cannot be tied to an account on your site.[/QUOTE]Why? How is the world a better place because people can anonymously litter junk on my webpages? I've been using the Internet for almost 20 years and I cannot fathom the value of cross-page links having to be anonymous. There is no part of my website that allows anonymous users to change my website (short of the views counts). No voting, no comments, no story submissions. Nothing. Why would I allow anonymous users access to the what's related block?
Having just read the specification, I enjoy how bloggers have not learned from the mistakes of history. In any case, just because all this stuff is automated does not mean that GL has to display trackbacks automatically. Perhaps I'll hunt down the submission hack I saw in the hacks forum....
Have you installed the update for lib-trackback.php[*1] yet (also included in the latest Geeklog releases)? This pretty much stops any Trackback spam.
I upgraded from 1.3.11 on 7/21 according to my filesystem. Should this change have been included in the 1.4.0sr5 tar?[/QUOTE]