Thread: Guestbook Pests

Our guestbook is misused by someone. Everyday new gibberish is posted. Every day I remove this. But can we stop this? And how?


www.lyndenhof.com

Hi, This has been discussed many times before, guestbooks are terrible for this kind of spam and the reason I don't have one. There is a way to moderate the comments yourself, not sure if someone can help furthur with this, but that becomes a pain as you end up having to go through them each day.

Dear Karel and others who read this post,

The solution turned out to be rather simple (touch wood). In de guestbook -ADMIN mode I could find the IP address of the culprit. And he/she was using the samen all the time.

Then the next step was easy. Via the CPanel X menu (IP deny manager) I blocked this IP and, presto: now more endless texts appeared in our guestbook. Until now, that is...

Marc

Karel wrote that there is no answer to this kind of attacking.

We regretfully receive daily of bombardment of dirty entries in our guestbook. All probably coming from the same sick individual. Our maybe – and that is worse – not sick but someone with sleazy commercial goals to sell internet porn or ******. And using our carefully managed website at www.lyndenhof.com.

A couple of weeks ago these attacks started, they seem to come from Russia. There were three of four IP-addresses involved. Via the X-panel IP deny manager, I put these IP-addresses on the black list and presto: no more attacks.

But the attacks started again. Was he or she (who would know) shooting with bullets before, now it is hail. In a hailstorm. Dozens of entries are made with hyperlinks with this kind of filthiness: ”adult sex story (adult-sex-story.just-teen.net)” – hello (I removed the hyperlink). The internet criminal now uses different IP- addresses from China, the Philippines, Morocco, India, the USA and all over the world.

I was forced to pick the IP-addresses one by one form the entries and blacklisted them. But then I discovered soon there were simply too many. And deleting the entries took up an eternity. I took the quick and dirty solution via the FTP-manager I downloaded the file “guestbookdb.php”, deleted the gore entries and copied the clean file back. But I know, it is not the definite solution. The purb will return.

Is there no answer to this kind of attacking our guestbooks?

Unfortunately, the best and probably ONLY way to prevent this from happening is to REMOVE the guestbook from your site. They are well known for these types of attacks. Blocking IP's is NOT advised as you could infact stop hundreds, possibly thousands of potential genuine visitors from visiting your site. I would remove the blocks you have put on.

Why don't you try setting up a forum, connected to your site. These are much more manageable. People prefer these to guestbooks too.

Blocking offending IP's from your blog is often a last resort tactic to prevent repeated access/attacks from happening, and often is unclear if the effort is worth it ..... it is worth it, and I can give you a few reasons why:
1. Blocking an IP not only stops an individual in his tracks, it disallows that person from creating other identities and sneaking back in for repeated offenses, as the blocked IP essentially "shuts off" access to that computer and any activity associated with that system entirely.

2. Generally, IP's that have been identified as "spammers" are not simply randomly targeting your blog or Forum, but are systematically abusing many similar websites all for the sake of spreading their spam, and blocking the IP will effectively cut off all previously undetected activity that was based on a website ruse of sub-domains upon sub-domains as a reference rather than the overall source that the IP serves. Blocking them at their system level cuts off the "head" so to speak, and thwarts any scheme that relies on sutrefuge of identity based on URL's.

3. Blocking IP's takes but a bit more time in your cPanel in the course of website management, but it is worthwhile, as it is the next and most assurable method of protecting your website from threats that can be detrimental overall. It is assumed that your blog or forum already has MOD's enabled or installed to enhance security (captcha, anit-bot, editors, and even Admin permissions only for registration*), so blocking IP's helps to minimize time spent "cleaning" and frees you to remain confident about spurrious *******ted attacks.


Blocking an offending IP is not an omen or a detraction from any metric for your website, nor will it affect traffic (except devious or threatening): it is in truth a responsibility of each website administrator to properly manage the site with every tool provided (that is why they are there!) for the sake of the site owner and the security of visitors as well.

* I would suggest that you simply change permissions at this point so every Registration must have manual approval of the Adminsitrator, and take the time to do a laborious "clean-up" of all current Users to delete/deny all offenders that are there now. Unless yu get 100 valid new members per week to your forum or blog, it is no big deal to personally review each new User Registration for Approval, is it? This will prevent ANY new instances of abuse, as your manual validation is not what spammers are willing to undergo whatsoever --- they count on getting in within an hour at the longest.....

IMO

I hold my hands up if what I said was incorreect.. I was under the impresssion that blocking IP's could lead to more than one 'genuine' viewer from seeing a site, I am sure I read this before on this forum.. I may have misunderstood.

If indeed blocking IP's IS a worthwhile cause than fine go ahead... my only comment to this would be that you could end up doing this on a daily basis!!! We all get spam email, we have all had spam on our forms and forums and guestbooks at some point.. Spam unfortunately is here to stay... and probably get worse!!

As mentioned above, there ARE actions you can take but please also take note that we probably see 10 posts a week in here about spam on guestbooks.

Best of luck whatever you decide anyway, do let us know if you manage to solve your issue.

My new ‘friend” the IP-bomber is using every day series of new IP addresses. On some sites (even this one) you banned entries with contain certain words. Like the V-word or words relating to procreation and making money out of it.

How do we do that, on Vodahost? Is that at all possible?

Hi - am just starting to use the Guestbook, and would like to approve any postings before they are viewed....ie the message gets bounced initially to me first, I give it the ok...and then allow the publishing.... just love the instantness of the message concept but want control... any suggestions please would be great....Thanks
Rowland www.caribbeanhomefinder.net

Hi - not sure if using this correctly, apologies if not.... I am using this software for first time.. just love it... the guestbook feature on my site www.caribbeanhomefinder.net would be really helpul, but I want control.... ie.. want to approve any publication that is put there, in the public domain....a "beep" on my computer would be helpful as and when a guest leaves a message....also, would like the message to be approved before it is left (or not left) on the message board...... The "instantness" is a great concept, especially in my business where communication with the client is essential.. just like a post-it left on my screen... super..
Any thoughts there would be great...
Thanks
Rowland

Originally Posted by Vasili

Blocking offending IP's from your blog is often a last resort tactic to prevent repeated access/attacks from happening, and often is unclear if the effort is worth it ..... it is worth it, and I can give you a few reasons why:
1. Blocking an IP not only stops an individual in his tracks, it disallows that person from creating other identities and sneaking back in for repeated offenses, as the blocked IP essentially "shuts off" access to that computer and any activity associated with that system entirely.

2. Generally, IP's that have been identified as "spammers" are not simply randomly targeting your blog or Forum, but are systematically abusing many similar websites all for the sake of spreading their spam, and blocking the IP will effectively cut off all previously undetected activity that was based on a website ruse of sub-domains upon sub-domains as a reference rather than the overall source that the IP serves. Blocking them at their system level cuts off the "head" so to speak, and thwarts any scheme that relies on sutrefuge of identity based on URL's.

3. Blocking IP's takes but a bit more time in your cPanel in the course of website management, but it is worthwhile, as it is the next and most assurable method of protecting your website from threats that can be detrimental overall. It is assumed that your blog or forum already has MOD's enabled or installed to enhance security (captcha, anit-bot, editors, and even Admin permissions only for registration*), so blocking IP's helps to minimize time spent "cleaning" and frees you to remain confident about spurrious *******ted attacks.


Blocking an offending IP is not an omen or a detraction from any metric for your website, nor will it affect traffic (except devious or threatening): it is in truth a responsibility of each website administrator to properly manage the site with every tool provided (that is why they are there!) for the sake of the site owner and the security of visitors as well.

* I would suggest that you simply change permissions at this point so every Registration must have manual approval of the Adminsitrator, and take the time to do a laborious "clean-up" of all current Users to delete/deny all offenders that are there now. Unless yu get 100 valid new members per week to your forum or blog, it is no big deal to personally review each new User Registration for Approval, is it? This will prevent ANY new instances of abuse, as your manual validation is not what spammers are willing to undergo whatsoever --- they count on getting in within an hour at the longest.....

IMO

In a few days we are releasing a new version of BlueVoda the has some antispam features in the Guestbook, such as a cpatcha, etc...

Great.. many thanks... how will you tell us that this is available and when?....

OK, Vodahost, looking forward to the new version of Vodahost with some spam control. It would help, like our friend JABMPWT suggested, to have some control on input.

I now every day clean the guestbook by the quickest way I know. Via the FTP manager I copy a clean version of the file “guestbook.php” on the internet-directory. I do not bother to block the IP addresses any more.

By the way:

Vodahost wrote:

[FONT='Verdana','sans-serif']“I would suggest that you simply change permissions at this point so every Registration must have manual approval of the Administrator, and take the time to do a laborious "clean-up" of all current Users to delete/deny all offenders that are there now. Unless you get 100 valid new members per week to your forum or blog, it is no big deal to personally review each new User Registration for Approval, is it? This will prevent ANY new instances of abuse, as your manual validation is not what spammers are willing to undergo whatsoever --- they count on getting in within an hour at the longest...[/FONT] “


Tell me how/ where to do this? It is not a blog or forum, but the simple guestbook from Vodahost I am using. There are not many input controls there.

Marc

I gave up. I removed the input-form for the guestbook. Instead I published a ‘hard-copy’ of the reactions of the Lyndenhof-guest. Problem solved, but flexibility is far gone.

http://www.lyndenhof.com/Gastenboek13_15.html

God...I am glad I'm not the only one dealing with this issue. I will try the solutions suggested. There is an at home industry where people make money for doing just these kinds of entries. Spam is definately here to stay....sadly :(