Author Topic: Simple Machines Forums attacks (Read 1919131 times)

DJ-X · « **Reply #160 on:** May 14, 2011, 07:01:22 AM »

Robots are stupid - do not forget about it!
You can make a fake page to login and registration.

/index.php?action=login3
/index.php?action=login4
/index.php?action=login5

/index.php?action=register3
/index.php?action=register4
/index.php?action=register5


<!--  Robots are here fill the login form  -->
Pass on such links.
<a href="http://dj-x.info/index.php?action=register" style="display: none;">Register</a>

At me robots open yourhoneypot.php on the pages for an input and registration.
After that MOD httpBL robots any more doesn't admits.
Robots any more don't want to select passwords.

Ricky000 · « **Reply #161 on:** May 23, 2011, 05:42:52 AM »

can the bots restore the database 20 days ago?

? because it happened to my forum...

Illori · « **Reply #162 on:** May 23, 2011, 05:46:15 AM »

this is not the place to ask for support. please open a separate topic in the correct board if you require help on this issue.

CoreISP · « **Reply #163 on:** May 23, 2011, 10:36:37 AM »

Quote from: Ricky000 on May 23, 2011, 05:42:52 AM

can the bots restore the database 20 days ago?? because it happened to my forum...

No. Contact your host to ask why that happened or, as Illori suggested, open a new topic.

george54 · « **Reply #164 on:** June 01, 2011, 08:13:49 PM »

I tried these two simple approaches to stop unwanted spam on my site:

robots.txt-> disallow
disabled landing page registration.

Seems to have worked for the hour. (now over 24 hours, looking good)
Have banned bad IPs in the past, but the bad actors are always getting new IPs.

tomicko · « **Reply #165 on:** June 04, 2011, 01:20:45 AM »

Some more words about point 1. robots.txt please or how to do this for Dummies

Quote from: george54 on June 01, 2011, 08:13:49 PM

I tried these two simple approaches to stop unwanted spam on my site:
robots.txt-> disallow
disabled landing page registration.
Seems to have worked for the hour. (now over 24 hours, looking good)
Have banned bad IPs in the past, but the bad actors are always getting new IPs.

busterone · « **Reply #166 on:** June 04, 2011, 09:49:02 AM »

You can google robots.txt to learn how to use it for any site, not just SMF.
That will not stop the type of attacks in this topic either. These type of bots pay no attention to a robots.txt file. Only well behaved search engine bots will obey it.

agentstaobao · « **Reply #167 on:** June 09, 2011, 10:20:35 AM »

Interesting choice of mods to offer up, more importantly in the order. Yes, you can force email login, but personally I'd rather stop them at the door from trying to make the fake login in the first place

NGinuity · « **Reply #168 on:** June 13, 2011, 01:51:50 PM »

Any chance you guys can certify the Login Verification mod for 2.0 Gold?

NanoSector · « **Reply #169 on:** June 13, 2011, 02:24:26 PM »

Aren't the attacks ceased? *sighs* Those damn internet terrors.

Quote from: agentstaobao on June 09, 2011, 10:20:35 AM

Interesting choice of mods to offer up, more importantly in the order. Yes, you can force email login, but personally I'd rather stop them at the door from trying to make the fake login in the first place

Ain't that Arantor's words?

Quote from: NGinuity on June 13, 2011, 01:51:50 PM

Any chance you guys can certify the Login Verification mod for 2.0 Gold?

You tried emulating the version the mod was written in?

NGinuity · « **Reply #170 on:** June 13, 2011, 02:40:50 PM »

Quote from: Yoshi2889 on June 13, 2011, 02:24:26 PM

Aren't the attacks ceased? *sighs* Those damn internet terrors.

I've been getting hit relentlessly since Friday.

Quote from: Yoshi2889 on June 13, 2011, 02:24:26 PM

You tried emulating the version the mod was written in?

No I haven't tried anything. Having to install mods is somewhat of a new thing to me in SMF, and it said it was only built for 2.0 RC5, so it gave me an unhappy message when I tried to grab the 2.0 install instructions.

NanoSector · « **Reply #171 on:** June 13, 2011, 02:56:39 PM »

Quote from: NGinuity on June 13, 2011, 02:40:50 PM

Quote from: Yoshi2889 on June 13, 2011, 02:24:26 PM
Aren't the attacks ceased? *sighs* Those damn internet terrors.

I've been getting hit relentlessly since Friday.

Quote from: Yoshi2889 on June 13, 2011, 02:24:26 PM
You tried emulating the version the mod was written in?

No I haven't tried anything. Having to install mods is somewhat of a new thing to me in SMF, and it said it was only built for 2.0 RC5, so it gave me an unhappy message when I tried to grab the 2.0 install instructions.

If you look at the bottom of the page, there is a link that says "Advanced". Click it.

A textbox will pop up. Type in the version of SMF the mod works on, and save. Then, happily install the mod

NGinuity · « **Reply #172 on:** June 13, 2011, 05:15:03 PM »

Quote from: Yoshi2889 on June 13, 2011, 02:56:39 PM

A textbox will pop up. Type in the version of SMF the mod works on, and save. Then, happily install the mod

Ok, so I can just type in SMF 2.0 RC5 where it currently says SMF 2.0? Does it run a transaction test to make sure the mod will install properly, and also, how hard is it to fail it back if it doesn't? Sorry for all the questions, but SMF has always worked fine as is and I haven't had to address this until now.

b4pjoe · « **Reply #173 on:** June 13, 2011, 06:06:08 PM »

Quote from: NGinuity on June 13, 2011, 05:15:03 PM

Quote from: Yoshi2889 on June 13, 2011, 02:56:39 PM
A textbox will pop up. Type in the version of SMF the mod works on, and save. Then, happily install the mod

Ok, so I can just type in SMF 2.0 RC5 where it currently says SMF 2.0? Does it run a transaction test to make sure the mod will install properly, and also, how hard is it to fail it back if it doesn't? Sorry for all the questions, but SMF has always worked fine as is and I haven't had to address this until now.

Yes and yes, it will run the test.

青山素子 · « **Reply #174 on:** June 13, 2011, 07:38:15 PM »

Note that that specific modification was designed only for one certain type of attempt. If the current flood doesn't match that exact signature, it'll be useless.

NGinuity · « **Reply #175 on:** June 13, 2011, 07:42:57 PM »

Quote from: 青山素子 on June 13, 2011, 07:38:15 PM

Note that that specific modification was designed only for one certain type of attempt. If the current flood doesn't match that exact signature, it'll be useless.

Yeah I got ya. I just put in some verification questions that only my users would know.

midweb · « **Reply #176 on:** June 19, 2011, 03:30:30 PM »

I was having problems with 50 to 100 new members per day joining, that were not relevent to the forum, so I set up guest approval, but now I am having to sift through the list of sometimes 100 plus looking for bona fida people wanting to join, is there a way around this.
Mick

Illori · « **Reply #177 on:** June 19, 2011, 03:43:20 PM »

please start a separate thread in the proper support board, this place is not the correct location.

midweb · « **Reply #178 on:** June 20, 2011, 12:31:03 PM »

sorry first post, thought unwanted registrations was attacks of one kind or another, have disabled registration untill I find an answer.
Mick

HecKel · « **Reply #179 on:** June 21, 2011, 04:04:37 PM »

Why did you stop sending "newsletters"? This kind of information would be really useful for me if I was notified on time... I never noticed this topic before, and this kind of information should have been broadcasted to the whole community.

Please, restart sending newsletters again.

News:

Author Topic: Simple Machines Forums attacks (Read 1919131 times)