Hi, any other tries for getting rid of this spammer?! I renamed the .post php file, changed the comments.php file to call the new .post php file and got the code that I put in the .post area from TG's code and it still is popping up the automated spam, when I add a new blog into my comments section. This poker guy should be put to death. Any other ideas? Take a look to see and add a blog at http://www.hateboss.com/v-web/b2
Any help would be appreciated. By the way, since I got the blogger from the plug-in from ipowerweb, I do not have a blog admin area, so I can't inistall the plug-ins. The only access I have is the template section of the site to change those.
Comment Spam (91 posts)
-
Anonymous
Posted 3 years ago # -
Anon, have you tried all of these: http://www.tamba2.org.uk/wordpress/spam/ ?
-
anon should upgrade his b2 to wordpress, so that he has all the options at podz's page available to him.
-
Can't believe I didn't think of that sooner. I just figured that maybe he has WordPress and just kept it at the b2 directory. This is the WordPress support forum after all.
-
Posted 3 years ago #all these solutions might help, but cant we just stop the source? It seems that videopoker/casino/etc is all the same guy (the whois of those domains return same information) so someone should be able to stop him no?
I found some email address on the whois : yukkikunikkennen@yahoo.com
i'm presuming that's him, although it might as well be a non working address. this has just got to stop -
sdstern
Posted 3 years ago #Same problem on my site within 24 hours of installing WordPress. Here are the blocked IDs:
207.127.0.2
194.120.189.254
212.87.29.147
128.121.14.116
213.144.148.130
68.33.176.24
62.24.81.165
217.221.20.122 -
Richard - I've been following your comments through this thread and understand your frustration at not being answered. To flat-out answer your question about the number of links needed to send a comment to moderation - it's simple- he"preloaded" the spam. What we found out was that he was repeatedly calling the wp-comment-post.php page directly, incrementing the post id each time.This 1) hit older posts, and 2) if there wasn't a post with that ID, as soon as there is, the comment appears. He already had them loaded before you started chaning your comment link settings. So, in a nutshell, that's how it happened.
It was in the above situation that let me to find the loop hole for which there is now a fix for. Unfortunatly it does NOT fix existing pre-loaded spam, it will only catch new incomming spam.
BTW: I got hit by texas hold'em and bad ass boy this weekend. Fortunatly, with all the stuff in place, it was minimal - only 4 posts got through, 3 were caught and put into moderation. Based on what I've seen here, it looks like I was able to survive by the skin of my teeth.
Oh, and as for what does he get for click-throughs - nothing. It's not click throughs spammers are after. It's google ranking. Google determines the rank for a web site based on the number of incomming links. So if you get a site that has a lot of incomming links from multiple sites, well, you must be importaint to link to, and so gets moved up the listing.
TG -
charlesarthur
Posted 3 years ago #First - those IPs you've found are all Trojanned PCs. You can do lookups (I recognise the one beginning 194. as probably being somewhere in the UK) and complain. It might make a difference. But the estimate is that a few thousand Trojanned PCs join the bot nets every DAY, so it's not like the spammers are going to run out of resources that way anytime soon.
An effective weapon is the "Three Strikes Plugin" and also "Kitten's Spaminator" (the latter builds on the former). Have a search for them. They'll save a lot of this sort of pain, to be honest. Presently, I have 569 attempted spam comments which were auto-blocked by one or the other of those in the past week.
My other suggestion (which is on my blog) is that we should fight this guy at his own game. We should *all* claim that we're the best online p.k.r site. I bet that this thread alone will have some fine Googlejuice if only people link to it saying "excellent g-mbling".
There's only one spammer, but there's thousands of bloggers. Why let him dictate to us? -
Posted 3 years ago #I contacted the online poker people and threatened them with suing since they are liable for the spam. The spam stopped immediately.
-
For the rest of us, what's the email address that you used?
-
Posted 3 years ago #threatened him too, 2 days nothing and bang, never been hit harder :( . Think the email address is never checked or anything.
I don't understand how this one guy gets away with spamming the entire blog community -
Posted 3 years ago #Maybe it's a bit of a savage soultion, but why don't we setup a system to DDOS the poker joker?
-
Posted 3 years ago #Thanks, I've done this also. I replaced the wp-comments-post.php with an unlikely name, just to add a little extra difficulty. As one poster has alsready said, the spammers probably read the support forums for all major blogging software.
-
Posted 3 years ago #HI
-
Posted 3 years ago #Sorry for the previous HI...
I setup this blog and within 30 minutes i was getting hit by online casinos crap with religious texts.... I was just proud of it when this happened. now 1 hour later i found the rename trick... It seems to work for now but i still am affraid... how do they find a new blog like this, i did not even tell anyone about it!!!
Will keep youposted... -
They find you through the Update Services that you ping. Just look for the Update Services setting. Unfortunately, this is a rather useful setting and I won't disable it.
-
Posted 3 years ago #$url = trim(strip_tags($_POST['url']));
if (strpos($url,"poker") !== false) { die("Denied");}
if (strpos($url,"ottawavalley") !== false) { die("Denied");}
I've put in a few of these lines in my wp-comments-post.php that look for those keywords in the url field. It can be attached to the other fields as well. This has killed most of the attacks I've gotten lately by not even getting the comment into my database. Even when the comments are changing, these guys want certain words in the URLs to get their search rankings up.
It'd be nice if WP had a field that was keywords for moderation, and keywords to immediately kill.
Although I'm posting this after not visiting WP for a while so maybe things have changed.... -
It is a feature in WP v1.2.x. Look in Options/Discussions. As for automatically deleting them, do a search around the forums, the solution is here.
-
Posted 3 years ago #Thank you ever so much...this worked beautifully. I was getting hit with tons of online poker ones. Thanks!
-
Posted 3 years ago #I tried following this stuff and renamed my files, then found nothing related to comments worked. I tracked down a few instances of the comments-popup file in the code, but I can't seem to get comments to work. When I post a comment now I get this:
Warning: Invalid argument supplied for foreach() in /home/thebeaut/public_html/commentpop.php on line 6
I looked at the code and it looks fine. ("commentpop.php" is what I renamed the popup file to.) What am I missing?
Maybe in the future you all could specificy exactly where in each file we need to make changes. What's listed on the first page of this thread seems simple enough, but once I'd gotten into the changes I found it was a LOT more complicated than it was made out to seem. Not all of us are code-junkies, you know. ;-) -
Posted 3 years ago #My site, by the way, is http://www.thebeautifullull.com. Thanks . . .
-
Posted 3 years ago #Yes, thanks, but I've already read that over and over and over - it still doesn't clear up where exactly the file names need to be changed in the code. Like I said, I'm not a code-junkie. I changed the names of the files, then nothing worked. I looked in what files I thought might have the file-names referenced, changed the few I did find them in, and still nothing works. What I need to see is a list of what files need to be changed, and what lines of code need to be changed in each of those files.
-
Posted 3 years ago #Macmanx, I've obviously already done that, seeing as I'm posting comments in that thread. What appears obvious to you is not obvious - I followed the instructions to a T and nothing worked. I made a few desperate changes in the code of several files to reflect the name change for the popup file and comments still do not work right.
At the moment I am VERY frustrated and very disappointed with Wordpress, and, consequently, very sorry I switched from Pmachine - I never, ever had comment spam, not once with Pmachine. Now I'm hand-deleting hundreds of comment-spam each day and at the moment have no comments at all because of the changes I've made. All I'm asking for is a detailed instruction set for what names to change where in what files. Shouldn't someone out there put together a step-by-step process for making this change, written at a very, very basic level, to be included with the Wordpress download so users never have a problem with unwanted spam from the start? -
Posted 3 years ago #Macmanx, that is exactly what I needed! Thank you! I'm out of time this morning but I'll do this tonight and see how it works. I think I can actually fix the files I have rather than re-upload them, as I tried to make note of what files I changed. But if not, I'll have a project to keep me busy this weekend . . .
-
moongreen
Posted 3 years ago #thx for the rename-advice. simple, but effective..!
-
Glad I could be of assistance.
-
Posted 3 years ago #I sent this e-mail to him and it stopped within a few days:
'Recently I've been experiencing an abnormal amount of spam on my blog, fallingbullets.com. Of course, the spam is filled for a casino program, hosted at *****. Looking up the WHOIS records, I found the following info:
E-mail:
yukkikunikkennen@yahoo.com
Yukkii
3 Connell Dr.
Berkeley Heights, NY 07922
Telephone:
1 (908) 234-2243
So, this all comes to you. I am asking you to reply to this e-mail, informing me that you will stop spamming my server (your spamming tactic doesn't work anymore anyways, you've been blacklisted). And you WILL stop spamming my server. You're filling up my logs with ridiculous amounts of false hits. This takes time and effort to clean up, which results in true monetary loss.
And that's where the law comes in. Because I have suffered loss, the law will step in on my behalf. California, as you know, has stringent laws regarding spam. My server is hosted within California, so the california anti-spam laws apply.
I've contacted the Electronic Frontier Foundation as well as legal representatives for http://spam.abuse.net/ and they both are willing to aid me if you do not discontinue spamming my server.
If you do not reply to this e-mail within a reasonable amount of time, I will persue action.
-Tyson
Webmaster of fallingbullets.com entropymag.net and iotapi.com'
Of course, I never contacted the EFF nor did I have a lawyer. :-) -
Posted 3 years ago #Ooops.
Backticks.Not apostrophes. Sorry! -
iamPariah
Posted 3 years ago #Instead of deleting wp-comments-post.php after changing the name to something else, you could actually use it to be pro-active.
Use the above technique of making a new, renamed copy of your wp-comments-post.php. Then edit the original wp-comments-post.php to redirect spambots away from your site. It'll end the 404 barrage and, if the spambots work like a search engine bot (most research suggests they PROBABLY do), then they may learn to never come back to your site.
So...
1. Follow the above procedure from macmanx, but don't delete wp-comments-post.php.
2. Edit wp-comments-post.php to include ONLY the below, nothing else:
<?php
header("HTTP/1.1 301 Moved Permanently");
header("Location: http://www.cnn.com/");
?>
3. Upload to your server as wp-comments-post.php.
What happens? When a spambot goes looking for wp-comments-post.php it will find it, but the 301 redirect rule tells the bot that the page has moved PERMANENTLY to http://www.cnn.com. Thus the bot will follow the redirect, winding up on http://www.cnn.com/ and leaving your WP blog alone.
Of course you can change the redirect location to any valid location--if it isn't valid, you'll cause your server troubles. I used CNN rather than some kind of anti-spam organization for two reasons: First, such organizations are usually small and can't handle the extra bandwidth, however little it may be; besides, I certainly don't want to risk them having a WP blog. And, second, spambots might have internal protections against being redirected to known dangerous targets or URIs with certain words in them.
Want to see how it works? Visit here: http://quarkvsindesign.com/news/wp-comments-post.php
« Previous 1 2 3 4 Next »
Topic Closed
This topic has been closed to new replies.