HTML Logo by World Wide Web Consortium (www.w3.org). Click to learn more about our commitment to accessibility and standards.

Moving forward with Composr

ocPortal has been relaunched as Composr CMS, which is now in beta. ocPortal 9 will be superseded by Composr 10.

Head over to compo.sr for our new site, and to our migration roadmap. Existing ocPortal member accounts have been mirrored.


@#$^$ link spammers!

Login / Search

 [ Join | More ]
 Add topic 
Posted
Item has a rating of 5 (Liked by FletchLiked by Jean)  
Rating:
#95964 (In Topic #19076)
Avatar

Community saint

This is an excellent time to review your permission settings. I just discovered a "guest" #@$%@ SPAMMER found it's way into one of my catalogs and created 2000 spam links in the root of the category tree of the catalog. I thought I had all areas of my site covered by "read-only" settings for guests. I must have missed that one.

I also thought I had email notices set to report any catalog entries being created, but never received the first one.

And, of course, the spam detection system never realized what was happening.

If you haven't reviewed your permissions in awhile, now is the perfect time to do it before you get hit like I did.

Steve
Back to the top
 
Posted
Rating:
#95981
Avatar

Community saint

Thanks for the warning sholzy, thats why I have a member only site. :)


http://digiflash.nl Photo community  (dutch)
Back to the top
 
Posted
Rating:
#95982
Avatar

Honoured member

Cheers for the warning I'll have to review mine too

Just Jarv
Back to the top
 
Posted
Rating:
#95998
Avatar

Community saint

I was lucky in the fact that it was the root of the catalog the spammer posted in and not one of the categories already containing entries. If it had been in another category, it would have taken me hours to manually remove the bad entries.

To remove the spam, my original thought was to manually delete all 2000 entries, but I quickly discovered that wasn't going to happen since each deletion threw a warning of a missing member's name requiring me to fill in the "required" blanks before I could proceed with the deletion.

Next idea was to create a new category and "expire" all the spam links to that new category and then just delete the category, taking all that spam with it. I quickly discovered deleting a category sends all the entries back to the parent where I just expired them from.

I had looked through the database at the multiple catalog tables, but not knowing which tables contained all the data that needed to be deleted, I decided to leave this approach alone.

Chris was good enough to post an OcCLE command that did the trick.  :thumbs:

Steve
Back to the top
 
Posted
Rating:
#96439
Avatar

Fan in training

sholzy said

I was lucky in the fact that it was the root of the catalog the spammer posted in and not one of the categories already containing entries. If it had been in another category, it would have taken me hours to manually remove the bad entries.

To remove the spam, my original thought was to manually delete all 2000 entries, but I quickly discovered that wasn't going to happen since each deletion threw a warning of a missing member's name requiring me to fill in the "required" blanks before I could proceed with the deletion.

Next idea was to create a new category and "expire" all the spam links to that new category and then just delete the category, taking all that spam with it. I quickly discovered deleting a category sends all the entries back to the parent where I just expired them from.

I had looked through the database at the multiple catalog tables, but not knowing which tables contained all the data that needed to be deleted, I decided to leave this approach alone.

Chris was good enough to post an OcCLE command that did the trick.  :thumbs:

did you chmod 777 to the spammed directory?

Methods of writing an selling of ebooks : how to write an ebook that sells
Back to the top
 
Posted
Rating:
#96447
Avatar

Community saint

jameskuper said

sholzy said

I was lucky in the fact that it was the root of the catalog the spammer posted in and not one of the categories already containing entries. If it had been in another category, it would have taken me hours to manually remove the bad entries.

To remove the spam, my original thought was to manually delete all 2000 entries, but I quickly discovered that wasn't going to happen since each deletion threw a warning of a missing member's name requiring me to fill in the "required" blanks before I could proceed with the deletion.

Next idea was to create a new category and "expire" all the spam links to that new category and then just delete the category, taking all that spam with it. I quickly discovered deleting a category sends all the entries back to the parent where I just expired them from.

I had looked through the database at the multiple catalog tables, but not knowing which tables contained all the data that needed to be deleted, I decided to leave this approach alone.

Chris was good enough to post an OcCLE command that did the trick.  :thumbs:

did you chmod 777 to the spammed directory?
The catalog system isn't a physical directory structure that can be chmod'ed, it's a virtual structure created within the database. Permissions for this is set through usergroup permissions.

Steve
Back to the top
 
1 guests and 0 members have just viewed this: None
Control functions:

Quick reply   Contract

Your name:
Your message: