Welcome to Geeklog, Anonymous Thursday, March 28 2024 @ 05:43 pm EDT

Geeklog Forums

Spam-related question about latest GL version.


Status: offline

Don

Forum User
Full Member
Registered: 06/09/04
Posts: 153
This morning, my GL site was bombarded with a massive spam attack - to the point that it completely bolloxed the server and forced the hosting company to throttle back my SQL access.

I tried posting a bit of the code earlier to show what was in my error log, but it was detected as spam and the post was deleted. In fact, I won't know until I post this whether or not I've been banned from posting here, but we'll see.

At this point, my site is down and I don't know what havoc has been visited upon my database, and I won't know what's up until my site is migrated to a new server.

My question is this: are the anti-spam measures in the new GL release enought to prevent this from happening in the future, or at least decrease the chances?

I actually downloaded the latest version last night and was planning on installing it today after work. Timing is everything, I guess.

- Don
 Quote

Status: offline

Dirk

Site Admin
Admin
Registered: 01/12/02
Posts: 13073
Location:Stuttgart, Germany
Seems I unblocked your IP address just in time for you to try again. We're using Bad Behavior and its Spam-X module here on the site, which means that any IP adress that has been found to post spam will then be blocked by Bad Behavior. So don't try and post samples of the spam you got here as it will most likely be regarded as such ...

The error.log entries you tried to post were timeout messages for SLV. It seems their server is pretty busy theses days, so SLV often times out and that is then logged in error.log. It also means that those posts have not been analyzed by SLV.

To answer your question: Massive spam runs that bring down your database is not something that Geeklog's spam protection will be able to prevent. That's pretty much the same as a Denial-of-Service attack - at some point, it's just too much.

The Bad Behavior method mentioned above will help a little bit in these cases, but since it will still do some database requests, that will probably not help if you're really under heavy fire.

If the spam is only coming from a limited amount of IP addresses, you can try blocking those in a .htaccess (assuming you're on an Apache webserver). The same goes if their HTTP requests are somehow unique, e.g. using a certain User Agent string. But again, there's a point where even that won't help.

Usually, only your hosting service will really be able to block massive attacks (spam or otherwise).

bye, Dirk
 Quote

Status: offline

Don

Forum User
Full Member
Registered: 06/09/04
Posts: 153
Thanks for the quick reply, Dirk. And thanks for unblocking me - my luck that you were online. Smile

I was using Bad Behaviour on my old hosting site, but stopped when I changed hosts (although the old Spam-X is still installed presently). Is Bad Behaviour included as part of the new version? I'm assuming the latest Spam-X is in there.

And Happy New Year, and congrats on the new release!

- Don
 Quote

Status: offline

Dirk

Site Admin
Admin
Registered: 01/12/02
Posts: 13073
Location:Stuttgart, Germany
Bad Behavior is still a separate download.

bye, Dirk
 Quote

All times are EDT. The time is now 05:43 pm.

  • Normal Topic
  • Sticky Topic
  • Locked Topic
  • New Post
  • Sticky Topic W/ New Post
  • Locked Topic W/ New Post
  •  View Anonymous Posts
  •  Able to post
  •  Filtered HTML Allowed
  •  Censored Content