You are not logged in.
Hit by a spammer. 80,000 posts in a few hours! Ouch. So I had to restore from a backup (I tried cleaning them out, but it was too much for database)
Should not have been able to do this, because forum has a "must wait [60] seconds between posts" option.
May easily happen again.
If it does happen again I will:
* stop new member registration
* upgrade the forum to v1.3 beta, which may be buggy but has lots more protection in it.
"The physicists defer only to mathematicians, and the mathematicians defer only to God ..." - Leon M. Lederman
Offline
That must have been one heck of a bot. Even it had been posting at the rate of one message per second, it would still have had to take nearly a day to make 80 000 posts.
Last edited by JaneFairfax (2009-01-05 22:19:29)
Offline
Yes ... quite quick!
Anyway, if they do hit again, rest assured I will work to restore things again.
I have a full backup taken every 12 hours, and the restore works nicely (as I just did one)
"The physicists defer only to mathematicians, and the mathematicians defer only to God ..." - Leon M. Lederman
Offline
yup he was posting about 6 topics per second!
lol now i have to repost my answers.
Offline
And a big thank you to you, careless25, for emailing me about it ... I may not have checked the forum for a couple more hours, and the post count could have been 150,000 !
"The physicists defer only to mathematicians, and the mathematicians defer only to God ..." - Leon M. Lederman
Offline
This seems to me to have been not pure spamming, but rather a DOS attack. Yet I cant imagine who out there would want to do something malicious to our forum. What enemy could we possibly have in cyberspace at all?
Last edited by JaneFairfax (2009-01-06 00:21:40)
Offline
i got up this morning at 6:30 am and went on this forum early before i went to school and it was shut! um MIF if was it a guest or a member? if i had saww it what would i do?
Zappzter - New IM app! Unsure of which room to join? "ZNU" is made to help new users. c:
Offline
lightning
i guess it was shut because MIF was cleaning up the mess.
it was a new member called foruminf2. the best thing you could do is notify MIF if there is a spammer.
MIF i hope he doesn't come back(or anyone else like him!). Did you notify PunBB about it or is it your programming fault?
How did you block him from accessing site? IP ban?
Offline
Yes, I put it in "Maintenance Mode" while I worked on it.
Why did they do it? I imagine they just like being a vandal. There will be a punishment for them somewhere along the line, no doubt.
I also imagine they will return. And if it becomes a problem I will upgrade to "Version 1.3 beta" which has more anti-spam stuff available, but it will be a little painful for a while as I try to get our special functions (like math tag and hide tag) working.
Meanwhile ... I am taking full backups every 6 hours now, and researching the problem, too.
"The physicists defer only to mathematicians, and the mathematicians defer only to God ..." - Leon M. Lederman
Offline
the best thing you could do is notify MIF if there is a spammer.
how?
MIF- i have an idea! see on this other furom i am on when you join you
cannot post for 24 hours
1 day to 1 week- 1 topic+ 5 posts ( a day)
1week- 3 weeks -3 topics + 10 posts a day
3 weeks + 5 topics+ 20 posts a day
i f you want i can tell you what site.
Zappzter - New IM app! Unsure of which room to join? "ZNU" is made to help new users. c:
Offline
Clever Idea.
But "can't post for [60] seconds" should have worked. Instead of 80,000 there would have been a few hundred at most ... still researching why.
"The physicists defer only to mathematicians, and the mathematicians defer only to God ..." - Leon M. Lederman
Offline
um maybe when you click to submit he might of cliked it 80,000 times. was the posts exactly the same?
Zappzter - New IM app! Unsure of which room to join? "ZNU" is made to help new users. c:
Offline
How does flood control work?
If it checks to see if [member name] has posted in the last minute, then that presumably means guests can post as often as they want.
Why did the vector cross the road?
It wanted to be normal.
Offline
Guests have to enter a three-digit code when they post; they also have to enter a name and leave an email address. The bot spammer wouldnt have been able to bypass that. Or could it?
Offline
They were a registered member, so Jane's idea sounds right.
Sorry Jane, but I deleted your new topic on this ... If we DID get guest flooding I could code a limit of, say, 30 seconds for ANY guest post.
"The physicists defer only to mathematicians, and the mathematicians defer only to God ..." - Leon M. Lederman
Offline
In my opinion -- GUESTS should not be able to post.
If anyone wants/needs to post, register first.
That will not stop the stupidity -- but it might slow it.
I like this forum and I would like for it to stay available.
Sometimes there are some BRILLIANT posts.
Thanks.
Offline
But guest posts are not currently a problem ... if they do become a problem there is lots we can do.
There is also lots we can do about member posts. We could even stop new members!
"The physicists defer only to mathematicians, and the mathematicians defer only to God ..." - Leon M. Lederman
Offline
I'm getting a little far-fetched in desperation for an answer, but could they have gotten into the file that has the settings like flood control? Or they could have been sock puppets (I'm assuming you didn't read through ALL of them). Could you tell me what the posts were? That might help to pin down why/how they did it.
Linux FTW
Offline
Well, I didn't check all 80,000 of them
But the ones I saw were identical.
If they strike again I should be able to get a better idea how.
"The physicists defer only to mathematicians, and the mathematicians defer only to God ..." - Leon M. Lederman
Offline
I hate it when people do things like this. It's pointless, as you've shown, it's wrong, and it's disruptive to the community of the forum. There should be punishment other than banning for major spamming like this.
Linux FTW
Offline
I have scanned through a dozen or so forum files and made some *small* changes, which *may* reduce the effect of further spamming.
You may also be able to log out now!
"The physicists defer only to mathematicians, and the mathematicians defer only to God ..." - Leon M. Lederman
Offline
maybe the clue is in his name, think about it i have lightning for a reason MIF has that for a reason carelees25 prob. has that for a reason but what about this guy? it has FORUM in it a clue maybe?
Zappzter - New IM app! Unsure of which room to join? "ZNU" is made to help new users. c:
Offline
lightning good thinking but he had a random name which he linked to foruminfinity.com(doesn't exist).
MIF i did look through a lot of his posts and i think he also bypassed your "swearing filter".
he only had 2 different messages repeating throughout the forum so it was a bot.
lightning to notify MIF Go to mathisfun.com and click contact us.Then u can send him a message.
simron check ur messages!
Offline
I have scanned through a dozen or so forum files and made some *small* changes, which *may* reduce the effect of further spamming.
You may also be able to log out now!
cant log out still, but thanks for trying!
did u see my posts on how to log out?
http://www.mathisfunforum.com/viewtopic … 37#p100537
EDIT: can only log out if i click logout on top of screen but cant if i click on the top left corner. THANK YOU!
Last edited by careless25 (2009-01-07 02:16:07)
Offline
a bot? did he hack? i mention earlyer that he might of click subit 80,000 times. careless said same two messages through out the forum.
Well you know how you need to ask to be a real member? well maybe not member registration guests ask to be members.
lets face it we prob. get 50 new members a day and they dont even get used, most of them.
EDIT - said pord. insted of prob.
Last edited by lightning (2009-01-07 06:07:29)
Zappzter - New IM app! Unsure of which room to join? "ZNU" is made to help new users. c:
Offline