News:

Wondering if this will always be free?  See why free is better.

Main Menu

Simple Machines Forums attacks

Started by Norv, February 19, 2011, 04:33:48 PM

Previous topic - Next topic

DJ-X

#160
Robots are stupid - do not forget about it!
You can make a fake page to login and registration.

/index.php?action=login3
/index.php?action=login4
/index.php?action=login5

/index.php?action=register3
/index.php?action=register4
/index.php?action=register5


<!--  Robots are here fill the login form  -->
Pass on such links.
<a href="http://dj-x.info/index.php?action=register" style="display: none;">Register</a>


At me robots open yourhoneypot.php on the  pages for an input and registration.
After that MOD httpBL robots any more doesn't admits.
Robots any more don't want to select passwords.

Ricky000

can the bots restore the database 20 days ago????? because it happened to my forum...

Illori

this is not the place to ask for support. please open a separate topic in the correct board if you require help on this issue.

LiroyvH

Quote from: Ricky000 on May 23, 2011, 05:42:52 AM
can the bots restore the database 20 days ago????? because it happened to my forum...

No. Contact your host to ask why that happened or, as Illori suggested, open a new topic.
((U + C + I)x(10 − S)) / 20xAx1 / (1 − sin(F / 10))
President/CEO of Simple Machines - Server Manager
Please do not PM for support - anything else is usually OK.

george54

#164
I tried these two simple approaches to stop unwanted spam on my site:

  • robots.txt-> disallow
  • disabled landing page registration.
Seems to have worked for the hour. (now over 24 hours, looking good)
Have banned bad IPs in the past, but the bad actors are always getting new IPs.

tomicko

Some  more words about point 1. robots.txt please or how to do this for Dummies  :laugh:

Quote from: george54 on June 01, 2011, 08:13:49 PM
I tried these two simple approaches to stop unwanted spam on my site:

  • robots.txt-> disallow
  • disabled landing page registration.
Seems to have worked for the hour. (now over 24 hours, looking good)
Have banned bad IPs in the past, but the bad actors are always getting new IPs.

busterone

You can google robots.txt to learn how to use it for any site, not just SMF.
That will not stop the type of attacks in this topic either. These type of bots pay no attention to a robots.txt file. Only well behaved search engine bots will obey it.

agentstaobao

Interesting choice of mods to offer up, more importantly in the order. Yes, you can force email login, but personally I'd rather stop them at the door from trying to make the fake login in the first place

NGinuity

Any chance you guys can certify the Login Verification mod for 2.0 Gold?

NanoSector

Aren't the attacks ceased? *sighs* Those damn internet terrors.

Quote from: agentstaobao on June 09, 2011, 10:20:35 AM
Interesting choice of mods to offer up, more importantly in the order. Yes, you can force email login, but personally I'd rather stop them at the door from trying to make the fake login in the first place
Ain't that Arantor's words? :P

Quote from: NGinuity on June 13, 2011, 01:51:50 PM
Any chance you guys can certify the Login Verification mod for 2.0 Gold?
You tried emulating the version the mod was written in?
My Mods / Mod Builder - A tool to easily create mods / Blog
"I've heard from a reliable source that the Answer is 42. But, still no word on what the question is."

NGinuity

Quote from: Yoshi2889 on June 13, 2011, 02:24:26 PM
Aren't the attacks ceased? *sighs* Those damn internet terrors.

I've been getting hit relentlessly since Friday.

Quote from: Yoshi2889 on June 13, 2011, 02:24:26 PM
You tried emulating the version the mod was written in?

No I haven't tried anything.  Having to install mods is somewhat of a new thing to me in SMF, and it said it was only built for 2.0 RC5, so it gave me an unhappy message when I tried to grab the 2.0 install instructions.

NanoSector

Quote from: NGinuity on June 13, 2011, 02:40:50 PM
Quote from: Yoshi2889 on June 13, 2011, 02:24:26 PM
Aren't the attacks ceased? *sighs* Those damn internet terrors.

I've been getting hit relentlessly since Friday.

Quote from: Yoshi2889 on June 13, 2011, 02:24:26 PM
You tried emulating the version the mod was written in?

No I haven't tried anything.  Having to install mods is somewhat of a new thing to me in SMF, and it said it was only built for 2.0 RC5, so it gave me an unhappy message when I tried to grab the 2.0 install instructions.
If you look at the bottom of the page, there is a link that says "Advanced". Click it.

A textbox will pop up. Type in the version of SMF the mod works on, and save. Then, happily install the mod :)
My Mods / Mod Builder - A tool to easily create mods / Blog
"I've heard from a reliable source that the Answer is 42. But, still no word on what the question is."

NGinuity

Quote from: Yoshi2889 on June 13, 2011, 02:56:39 PM
A textbox will pop up. Type in the version of SMF the mod works on, and save. Then, happily install the mod :)

Ok, so I can just type in SMF 2.0 RC5 where it currently says SMF 2.0?  Does it run a transaction test to make sure the mod will install properly, and also, how hard is it to fail it back if it doesn't?  Sorry for all the questions, but SMF has always worked fine as is and I haven't had to address this until now.

b4pjoe

Quote from: NGinuity on June 13, 2011, 05:15:03 PM
Quote from: Yoshi2889 on June 13, 2011, 02:56:39 PM
A textbox will pop up. Type in the version of SMF the mod works on, and save. Then, happily install the mod :)

Ok, so I can just type in SMF 2.0 RC5 where it currently says SMF 2.0?  Does it run a transaction test to make sure the mod will install properly, and also, how hard is it to fail it back if it doesn't?  Sorry for all the questions, but SMF has always worked fine as is and I haven't had to address this until now.

Yes and yes, it will run the test.

青山 素子

Note that that specific modification was designed only for one certain type of attempt. If the current flood doesn't match that exact signature, it'll be useless.
Motoko-chan
Director, Simple Machines

Note: Unless otherwise stated, my posts are not representative of any official position or opinion of Simple Machines.


NGinuity

Quote from: 青山 素子 on June 13, 2011, 07:38:15 PM
Note that that specific modification was designed only for one certain type of attempt. If the current flood doesn't match that exact signature, it'll be useless.

Yeah I got ya.  I just put in some verification questions that only my users would know.

midweb

I was having problems with 50 to 100 new members per day joining, that were not relevent to the forum, so I set up guest approval,  but now I am having to sift through the list of sometimes 100 plus looking for bona fida people wanting to join, is there a way around this.
Mick

Illori

please start a separate thread in the proper support board, this place is not the correct location.

midweb

sorry first post, thought unwanted registrations was attacks of one kind or another, have disabled registration untill I find an answer.
Mick

HecKel

Why did you stop sending "newsletters"? This kind of information would be really useful for me if I was notified on time... I never noticed this topic before, and this kind of information should have been broadcasted to the whole community.

Please, restart sending newsletters again.
Quote from: Eliana Tamerin on August 23, 2008, 04:10:10 PM
SMF 7 is where it gets good. That has time travel. You can go back and post before the guy who flamed you. :P

Advertisement: