Forum under attack

split:
My site kept hitting its daily limit of sent emails. I tracked it to the SMF 2.0 forum.
Upon closer inspection, I see that hundreds of accounts are being created each day.
From admin, if I drill in on an account, I find an account with no activity.
The Personal text field always contains some spam URL.
My logs are full of attempts to upload attachments... not sure what, but they error because they are too large.
There does not seem to be a way to see if they are using the account to try to send spam to other members.

In the end, I'm not sure what they are gaining by creating all these accounts. Only once in a while does a post appear that is spam. And since I moderate posts, they never became visible on the forum. They clearly have defeated the account creation CAPTCHA and the question.
If the CAPTCHAs are a finite number of images, some hacker has likely created a script to detect each one and provide the proper response.

I have some 100,000 members on my forum now.  I suspect maybe 500-1000 are real.
Now, to figure out a way to delete the fake accounts and not delete the real accounts.

95K of the accounts are marked as Last Online: Never
About half of the accounts were never activated via email activation, but half were, so they have that hacked too. 
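
A triage pass over the signals listed in the post above (Last Online: Never, no activity, a URL in the Personal text), as an added example that is not part of the original thread. The `Member` field names, the 30-day grace period and the sample rows are assumptions constructed for illustration, not SMF's schema; email activation is deliberately not treated as proof of a real user, since about half of the fake accounts passed it.

```python
import re
from dataclasses import dataclass

URL_RE = re.compile(r"(?:https?://|www\.)\S+", re.IGNORECASE)
DAY = 86400

@dataclass
class Member:              # field names are assumptions for this example
    name: str
    registered: int        # Unix time of registration
    last_online: int       # Unix time of last login, 0 means "Never"
    posts: int
    activated: bool        # recorded, but not trusted as a sign of a real user
    personal_text: str

def classify(m, now, grace_days=30):
    """Return 'keep', 'review' or 'delete-candidate' for one account."""
    never_online = m.last_online == 0
    has_url = bool(URL_RE.search(m.personal_text))
    if m.posts > 0 or not never_online:
        # Any real activity: never auto-delete, but flag spam-looking profiles.
        return "review" if has_url else "keep"
    if now - m.registered < grace_days * DAY:
        return "review"    # too new to judge; may simply not have logged in yet
    # Old, never online, no posts: only the URL signal makes it a delete candidate.
    return "delete-candidate" if has_url else "review"

def triage(members, now, grace_days=30):
    """Dry run: bucket account names, delete nothing."""
    buckets = {"keep": [], "review": [], "delete-candidate": []}
    for m in members:
        buckets[classify(m, now, grace_days)].append(m.name)
    return buckets

NOW = 1_400_000_000  # constructed "current time"
SAMPLE = [           # constructed rows, not real forum data
    Member("alice", NOW - 900 * DAY, NOW - 2 * DAY, 41, True, "Sailing fan"),
    Member("xk29qq", NOW - 200 * DAY, 0, 0, True, "cheap pills http://spam.example/buy"),
    Member("bob", NOW - 3 * DAY, 0, 0, False, ""),
    Member("lurker", NOW - 400 * DAY, 0, 0, False, ""),
    Member("carol", NOW - 50 * DAY, NOW - 40 * DAY, 0, True, "www.spam.example"),
]

if __name__ == "__main__":
    for bucket, names in triage(SAMPLE, NOW).items():
        print(f"{bucket}: {names}")
```

Only the `delete-candidate` bucket is a starting point for bulk removal; back up the database before acting on it.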

MrPhil:

--- Quote ---They clearly have defeated the account creation CAPTCHA and the question.
--- End quote ---

CAPTCHAs are pretty much useless these days. They're more easily read by machines than humans, even when you crank up the complexity.

"question"? As in one? You need to present M questions out of N.

There are other anti-spambot mods, which look up applications against databases of known spammers.

I think I've seen a way to mass delete accounts which have signed up but never gone online. I don't recall if it's something directly in MySQL, or if there's a mod to do it, or even an admin function. Do some searching -- I know your question has been asked (and answered) many times before.

split:
I posted more or less as community service. To post that many accounts each day requires scripting. And anyone that is going to put in that kind of effort is not going to attack only my forum.

Was also hoping that someone else might have a quick way to delete all these accounts.

butchs:
We know they are everywhere. They used to bug me but not any more...

Chas Large:
This Anti-Spam mod works really well as it prevents known spammers from registering on an SMF forum in the first place.

http://custom.simplemachines.org/mods/index.php?mod=1547

You can use it to check out current members once installed too to identify and remove them.
