|
Post by astanley on Sept 7, 2007 7:49:19 GMT -5
Sorry for the delay. I'm pretty much stumped and not sure what to do. My ISP didn't come up with anything interesting. Hey guess what... Perl needed an update on one of the web servers in my ISP's cluster. So I'll keep you posted on if there are any other issues. Sorry for all the problems!
|
|
|
Post by coldstone on Sept 7, 2007 16:28:02 GMT -5
No problem. I am happy at any opportunity to improve Greymatter.
|
|
|
Post by petefinnigan on Sept 24, 2007 11:39:36 GMT -5
Hi Adam / Coldstone,
I have had a quick look at your sample access_log and I think that you are right these entries, especially those for the entry 272 are scripted and are most likely spammers.
Have you checked your cplog to see if there is any furthrer evidence there. I have seen similar attacks and often there is entries in the log to show that people try and comment even if comments are disabled.
The ultimate solution if its proved these are spidered comment spammers is to block the ip addresses and/or domains doing it at the server level or at least in a .htaccess.
cheers
Pete
|
|
|
Post by astanley on Sept 29, 2007 6:50:06 GMT -5
Hi Adam / Coldstone, I have had a quick look at your sample access_log and I think that you are right these entries, especially those for the entry 272 are scripted and are most likely spammers. Have you checked your cplog to see if there is any furthrer evidence there. I have seen similar attacks and often there is entries in the log to show that people try and comment even if comments are disabled. The ultimate solution if its proved these are spidered comment spammers is to block the ip addresses and/or domains doing it at the server level or at least in a .htaccess. cheers Pete I looked at the control panel log and it's only been me doing thing. You are right about the spammers attack through. While I was working through this problem I did a lot of reviewing of the Apache web log (sorted by IP). It was easy to see that unique IP addresses were trying to comment without looking at any other page of my site. And since I turned on the comment verification feature, that blocked the comment from getting posted. So thanks again for that. I do feel bad that I took a lot of people's time for a problem that was my ISPs. Since they fixed Perl I haven't had a single 500 error, so that should make you feel good about the code! Thanks again for everything. Adam www.echoes.com/
|
|
|
Post by coldstone on Oct 1, 2007 9:47:18 GMT -5
I wonder what they did to get it to error though, I wonder if it was like the other sites. Recently someone discovered they couldn't modify entries that had the word 'casino' in them. Some of those ISPs must be trying a brute force method of stopping spammers.
No worries, its just nice to know the issue is resolved.
FYI, with 1.7.4, there is now an anti-spam feature that will check the HTTP_REFERER attribute of a request. I have found that most spammers just put in google.com and so its very easy to weed out comments that didn't originate from your site, and without the extra user verification steps.
|
|