
Spam attack resolved

The spam attack we had on the website on Friday and over the weekend has now been resolved.

The problem was that we had spam users breaking the Captcha and becoming registered users. This meant that these spam users were free to post comments that bypassed the spam filter.

This is what caused some registered users who had the notify-me-when-new-comments-are-posted option checked to receive hundreds of notification emails during the weekend.

We have added an extra step to the registration process to ensure that we have only valid users registering. 
 
We apologise to those of you who got caught up in this attack and we are sorry for the inconvenience. A special thanks to Steps for the early notification.

We welcome your comments below. If you are not already registered, please register to comment.

Remember we welcome robust, respectful and insightful debate. We don't welcome abusive or defamatory comments and will de-register those repeatedly making such comments. Our current comment policy is here.

7 Comments

We send you the bill for $120 for 1/2 h extra work today, Bernhard.


Crappo! It's happening again Bernard, slap-bang in the middle of your spam piece....

Some spammers called "KIWI-BANK" have gotten through. Damn the bounders!


Do you get new members to verify their email address before allowing them to post (send verify link in email and get new member to click on it before membership is activated)? Might help.


Elley, yes we do. That is a requirement of our new system. Even though we can't work out the commercial reason for doing so, some spammers are now paying real people to break Captcha just to get behind it. $3 per 1000 Captchas broken seems to be the going rate - apparently a living in some countries ...

The more popular we are, the more focussed the attacks. We just need to try and stay ahead of them. But we don't always win. For us the problem is that we don't want to compromise the conversational style of our Commenting system.


I was watching as it happened..... That was no script kiddie. Servers 1/1000 the size of yours get hit 500 to 1000 times a day, unsuccessfully, mainly from countries that have a high % of pirated software that can't get security updates or service packs.... These are controlled remotely...

Considering it was Friday evening dinner time or heading for a night out....

It was picked up surprisingly quickly, cleaned up.... though I suspect a backup since at worst in the time frame at most 6 posts would be lost... and it cleaned up fast.

I got sick of getting hit by spam bots, email bots, script kiddies and religious fanatics.... If their ISPs and countries will not enforce the rules about it... the Internet one day has to, and will, move on from the wild west stage when enough people say "no". I and many other servers are blocking these countries, and some ISPs in some countries. We see them now... sort the IPs with 404 or 403 errors, look down the list and that's where nearly all the script kiddies and bots come from, even if just going through, and all the bots, and the attempts to join... Also to be noted, our website is still in the top 3 on all major search engines within those countries blocked... When the citizens in those countries start to complain that less and less of the Internet servers are available, they will complain.

ISPs start to blacklist 'innocent' users, user numbers drop.... then someone realizes the reason the Internet is a wild west is because of pirated software not being updated. The innocent users are not so innocent after all.

I now have blocked China, Korea, a lot of ISPs in most other Asian countries, a handful of single IPs in NZ, Aussie.... Countries like Great Britain, Sweden, most of Europe to the other side of Poland vary from single IPs to small ISP ranges. From Poland on... blocked.... Middle East blocked except for Israel (don't think anything into it; if they have a handful of single IP attempts, I didn't make it that way).

All of Africa, except a few IPs in South Africa, all of Central America, Brazil; south of Brazil single IPs and ISPs.

But if there is a serious guy out there determined to get into THAT website, they will do so regardless, if good enough. What is fortunate is these are the less than 1%..... not script kiddies.

Haven't had any issues for many years now except for a couple of members emailing me from Asia and the Middle East asking if there was something wrong with the server or websites.

Full compliments on time from noticing to cleaned up. 

Email... well I think most would have turned that off already, because with the busy threads, normal email to reply can fill up a mail box pretty quickly... I reset my servers to not receive another email till I have logged in to view that thread.... Doing so would have prevented all the full mail boxes.


Well that's some good news eh..? My fingers were getting tired.... Get your IT dude to go back to the new normal... I think that was my first message... sweep it... y'know... to be sure.


Bernard,

Idea:

Set it so that you can only post once per 10 mins (say) until you have gotten 10 (say) good posts done.

That way, any spam should be reported by the community, you delete that account, and they'll never be able to blitz the site completely. If an account with fewer than 10 posts gets reported for spamming, put it on auto-hold (no more posts) until a human has checked it?

Alan.
