Support » Plugin: Jetpack - WP Security, Backup, Speed, & Growth » Spam attack by jetpack share e-mail!!!

  • Hello, a few days ago some bots began to attack my side on which the option is made available jetpack social Post by email

    Bots had already begun to enter your establishment invented mails and send out my hand through this form sharing thousands of spam e-mails to other

    Although the share options turned off by the e-mail they are still trying to connect with a link which no longer exists is:

    mydomenin.com/namepost/?share=email&nb=1

    The server can hardly withstand millions of queries to him at this link – what to do, IP addresses attempting to send out spam constantly changing

Viewing 12 replies - 1 through 12 (of 12 total)
  • Plugin Author Jeremy Herve

    (@jeherve)

    Jetpack Mechanic 🚀

    Thanks for the report. We had added a honey pot to catch spammers and avoid those issues, but it looks like some spammers found a way through. We’ll work on getting this fixed.

    In the meantime, you could block all visits that include that email sharing query string, by adding the following to your site’s .htaccess file:

    
    RewriteEngine On
    RewriteCond %{QUERY_STRING} =share=email&nb=1
    RewriteRule .* - [R=403,L]
    

    I hope this helps.

    Preferable to try to add, because the function of email stopped broadcasting by thousands of spam that someone sends for her help. Thanks for the help and I hope as soon as it has been somehow protected. Regards

    Hello, despite the addition of this code I still have hundreds of thousands of queries of this type to the site and still other ip

    http://www.thestylishtube.com/5-ways-to-find-your-true-love/?share=email&nb=1

    Plugin Author Jeremy Herve

    (@jeherve)

    Jetpack Mechanic 🚀

    @tomeh Could you contact your hosting provider, and ask them to take a look at your logs and see what they can do to block those requests before they reach your site?

    Let me know how it goes.

    thus it is constantly changing IP these questions trying to spread spam by jetpack can not block it

    I add the same IP to the blacklist but that does not change the fact that the queries to the site is a few hundred thousand trying to sow spam a day for shared mail jetpack

    in .htaccess I added your suggested code but it seems that it is not working on the request because the site still appears with this tip /?share=email&nb=1 and not 404

    Plugin Author Jeremy Herve

    (@jeherve)

    Jetpack Mechanic 🚀

    Was your hosting provider able to look into this, and see about blocking the requests before they even get to your site?

    Yes, but can not block the site’s features is still unknown new variables adreso ip because these appear in the thousands. Days ago the side of my friend began to experience the same thing – an attempt to share the spam mail from Jetpack also an article on the website

    Plugin Author Jeremy Herve

    (@jeherve)

    Jetpack Mechanic 🚀

    If your hosting provider cannot block the attack, I’d recommend enabling CloudFlare on your site. It will most block all attacks before they reach your site.

    I use All In One WP Security & Firewall

    Plugin Author Jeremy Herve

    (@jeherve)

    Jetpack Mechanic 🚀

    All In One WP Security & Firewall is installed your site, and most likely won’t help here. You’ll need something that blocks the requests before they can even reach your site. CloudFlare will help. It will allow you to create a Page Rule to redirect the bots to a YouTube video before the request hits your server, for example:

    http://i.wpne.ws/i2D4

    enough to know such a plug because I can smash something that I can not fix it.

    Are you working on this in order to protect against this problem jetpack? Maybe bot to come off for some time. Currently, it is tragic.

    Plugin Author Jeremy Herve

    (@jeherve)

    Jetpack Mechanic 🚀

    We are indeed working on it, but whatever we implement, we won’t be able to stop bots from visiting specific URLs on your site. As you’ve experienced, those bots will visit that URL whether you actually use Jetpack or not.

    Until those visits stop, I’m afraid the only way you to mitigate those attacks is either to talk to your hosting provider and ask them to block access to those types of URLs for you, or implement a Web Firewall like CloudFlare to restrict access to your site.

Viewing 12 replies - 1 through 12 (of 12 total)
  • The topic ‘Spam attack by jetpack share e-mail!!!’ is closed to new replies.