Dear friends,
This is my first message to the Gossamer forums, greetings to all.
Recently, we have been receiving a constant amount of automated SPAM entries into Links 2.0. We installed the following CAPTCHA system (see the following link), including updating the Referrer settings to "@db_referers = ('www.ourdomain.com','ourdomain.com');", and it stopped them.
http://www.gossamer-threads.com/...tring=captch;#296545
Except one. I'm assuming that the SPAMMER was upset with this new CAPTCHA system and now manually types in the entries. The interesting thing is this: on the website access log, there is only one entry showing up when he submits his website links. It appears as such:
Somehow, he is bypassing the CAPTCHA system, since normally there should be an entry in the access log such as:
The referrer host information on his links appear as:
shkarupilo.idegp.com
milenko.idegp.com
talanov.idegp.com
And his email addresses end with i.ua, appears as:
something@i.ua
I've searched those domains at networksolutions and found the IP ranges and put them in the server's host.deny fille. Yet, the SPAM links continue to go through. I hope this information proves useful in finding a resolution for this specific problem and making the world a better place to live in. If anyone has any ideas on how to stop this SPAMMER, please share your solution.
This is my first message to the Gossamer forums, greetings to all.
Recently, we have been receiving a constant amount of automated SPAM entries into Links 2.0. We installed the following CAPTCHA system (see the following link), including updating the Referrer settings to "@db_referers = ('www.ourdomain.com','ourdomain.com');", and it stopped them.
http://www.gossamer-threads.com/...tring=captch;#296545
Except one. I'm assuming that the SPAMMER was upset with this new CAPTCHA system and now manually types in the entries. The interesting thing is this: on the website access log, there is only one entry showing up when he submits his website links. It appears as such:
Quote:
www.ourdomain.com milenko.idegp.com - - [13/May/2009:13:23:21 -0500] "POST /cgi-bin/links/add.cgi HTTP/1.1" 200 9958 "http://www.ourdomain.com/cgi-bin/links/add.cgi" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)"Somehow, he is bypassing the CAPTCHA system, since normally there should be an entry in the access log such as:
Quote:
"GET /human/26fe40883303ae87c866ca358381cf3b.png"The referrer host information on his links appear as:
shkarupilo.idegp.com
milenko.idegp.com
talanov.idegp.com
And his email addresses end with i.ua, appears as:
something@i.ua
I've searched those domains at networksolutions and found the IP ranges and put them in the server's host.deny fille. Yet, the SPAM links continue to go through. I hope this information proves useful in finding a resolution for this specific problem and making the world a better place to live in. If anyone has any ideas on how to stop this SPAMMER, please share your solution.