WordPress.org

Ready to get started?Download WordPress

Forums

DMSGuestbook
[resolved] Warning: DMSGuestbook is a spam magnet (21 posts)

  1. rexreason
    Member
    Posted 1 year ago #

    I have built a site which is completely off the radar (Google can't even find it).

    DMSGuestbook has already generated a nice healthy stream of 'white' spam - nothing offensive, but clearly auto-publishing links for SEO reasons.

    I'm not saying that DMSGuestbook is directly providing hooks to 3rd parties, but I am saying that a website that isn't even robot-ready fills up with comments almost immediately. While I am well aware of the abundance of robot activity, this smells entirely fishy to me.

    To use this plugin legitimately, you'll need to de-spec it from what the spiders are after. Just a warning to those without PHP chops.

    http://wordpress.org/extend/plugins/dmsguestbook/

  2. DanielSchurter
    Member
    Plugin Author

    Posted 1 year ago #

    Hi rexreason

    - Did you activate any captcha method on DMSGuestbook?
    - Are you sure no one has access to the WordPress installation except you?
    - Are you using the latest WordPress / DMSGuestbook installation?
    - Do you know Akismet? Try it, is very helpful, DMSGuestbook is running with it

    Greetings,
    Dani (the fish)

  3. rexreason
    Member
    Posted 1 year ago #

    hi dan, in order:
    1. default 2. yes 3. yes 4. yes, but isn't the point.

    either:
    1. WP is selling traffic
    2. DMS is selling traffic
    3. one of 1 or 2 is happening by a 3rd party (hacker)
    4. robots are just really damn good

    i just feel 4 is a bit much considering the facts.
    it means that DMS-targeting robots are full bore all the time, again seems a stretch.
    if WP and DMS are benign, then someone else is tracking DMSguestbook installs really well.

    don't mean to be a jerk, but it's a bit rich to get spam BEFORE launch.
    happy to hear a counter-explanation.
    k

  4. DanielSchurter
    Member
    Plugin Author

    Posted 1 year ago #

    Hi rexreason

    Sounds weired, do you have access to the webserver access logs?
    I suggest you to analyze these files, maybe you will find out what went wrong.

    I have two WordPress test sites online (site not indexed by robot), but I never got spam on DMSGuestbook or in a comment field.

    Dani

  5. rexreason
    Member
    Posted 1 year ago #

    The only other thing to add is that I had zero pre-launch and post-launch guestbook spam on another site that used the 1+1=2 scheme instead of captcha - so I would recommend this to others.

    I would also like to say good work on a structurally robust plugin. This thread is only about it being 'too' functional. :)

    I did have to modify CSS but was impressed with the formatting offered in the prefs.

  6. jaclyn_wp_psi
    Member
    Posted 1 year ago #

    I am having the same issue. I cannot even get the re-captcha to show on the form...

  7. DanielSchurter
    Member
    Plugin Author

    Posted 1 year ago #

    Hi jaclyn_wp_psi

    Create me a WordPress admin account and send me the credentials to DMSGuestbook { at } DAnielSchurter ( DOT ) Net.

    After that I will take a look on it as soon as possible.

    Greetings,
    Dani

  8. jaclyn_wp_psi
    Member
    Posted 1 year ago #

    I just sent you the password to the account

  9. DanielSchurter
    Member
    Plugin Author

    Posted 1 year ago #

    Hi jaclyn_wp_psi

    You have installed "Custom Contact Forms" that disabled reCAPTCHA on DMSGuestbook. I've disabled "Custom Contact Forms" for a test, after that DMSGuestbook is running with reCAPTCHA.

    I suggest you to install another contact form, otherwise you can switch back to DMSGuestbook "Antispam image", but reCAPTCHA would be better.

    Greetings,
    Dani

  10. jaclyn_wp_psi
    Member
    Posted 1 year ago #

    So I cannot have 2 on the same website? Is there another captcha that would work well for the form? They really shouldn't be getting a ton of spam from either of them...

  11. jaclyn_wp_psi
    Member
    Posted 1 year ago #

    I know the "I am human" button on the form helps, so I should probably have the best anti-spam on the guestbook and the 2nd best on the contact form...

  12. jaclyn_wp_psi
    Member
    Posted 1 year ago #

    FYI: it looks like it was jQuery issue. I just had to turn it off for Custom Contact Form. (all it controls in that is the tool tips)

  13. hansbeen
    Member
    Posted 1 year ago #

    I have CAPTCHA and Askimet, but still spam is showing up more then entries

  14. EddieG
    Member
    Posted 1 year ago #

    I have shut down DMS Guestbook on two sites for reasons stated above by others. Hopefully someone will get to the bottom of this soon.

  15. skivey0281
    Member
    Posted 1 year ago #

    You dont need a guestbook plugin, wordpress already has everything you need, and here is what I did:

    enable Comments and on every page then go to your screen options and check the 'discussion' box.

    On each page either enable or disable comments. On my site I disable on every page except the one I called "Guestbook". This option is shown at the bottom of every page.

    Install the areyouahuman plugin, enable and add your keys. Go to the Edit Site Options > Game Style: Embedded.

    In the areyouahuman options enable for comments.

    Setting > discussion > change the preferences you want, I made it so anyone can comment and no need for approval, the areyouahuman is very good at keeping the spam away.

    I then added an image that says "guestbook" with text underneath that says "please sign our guestbook".

    To change the color of the text "leave a comment" search how to do it on the net, its quite easy on most themes. I used graphene theme and use this in custom CSS:

    #comments > h4, #respond > h3, h3.author-post-list {
    color: #000000;
    }

    To change the text in the comments button go to comments.php and change the relevent text.

    also to change the text on the page from "Leave a Comment" to Sign the Guestbook (also in graphene, but easy enough in many themes) open the functions.php file in the theme folder and put this at the bottom:

    function comment_reform ($arg) {
    $arg['title_reply'] = __('Sign The Guestbook:');
    return $arg;
    }
    add_filter('comment_form_defaults','comment_reform');

    I hope this helps, Im pretty happy with the outcome :)

    [Signature removed]

    Matt

  16. skivey0281
    Member
    Posted 1 year ago #

    oh, i almost forgot, I also added this widget to show them on in the widget area!

    http://wordpress.org/extend/plugins/recent-comments-widget-with-comment-excerpts/

  17. Sue
    Member
    Posted 1 year ago #

    I have the DMS Guestbook on a site, and over the weekend we got over 200 spammy entries/comments. I have marked them all as spam, and tonight they continue to come in at the rate of 5-20 every hour.

    I have Bad Behavior plugin installed, I have the site on CloudFlare, I use the math captcha and have had very few spam submissions to date (the site has been live for over a year now). The site was pounded in the recent brute force login attack, but since we have never used "admin" as a user (in fact, deleted it as one of the first set up steps) the site was slow, but fine.

    I'm still seeing high numbers of attempts, and now this recent flood of spam through the guestbook. Any advice?

  18. DanielSchurter
    Member
    Plugin Author

    Posted 1 year ago #

    Hi Sue,

    I suggest you install the plugin Akismet and reCAPTCHA.

    Greetings,
    Dani

  19. themadcatlady
    Member
    Posted 1 year ago #

    I am having the same problem with spam. As soon as the guestbook was up, within a few hours, we started getting spam. I have Akismet turned on and the Captcha within the DMS plugin.... I am going to try skivey0281´s above suggestion of using the actual WP comments system and modify it into a guestbook.

  20. Sue
    Member
    Posted 1 year ago #

    I recently commented on another thread - the Akismet was installed as per your post, and spam has slowed but not ended. Just today I switched back to the reCaptcha plugin and we shall see how that goes.

  21. DanielSchurter
    Member
    Plugin Author

    Posted 1 year ago #

    This thread is closed.

Topic Closed

This topic has been closed to new replies.

About this Plugin

About this Topic