What's Going On With This Guestbook?
Autor: Darren Allen
Visited 9664,
Followers 2,
Udostępniony 37
On one of the websites I've created, the guestbook gets bombarded with spam. (see attachment)
The confusing thing, is when I log in to remove the spam, rather than removing the message, it multiplies, and the guestbook contains more spam, and this can be repeated ad infinitum
I'm at a complete loss on this one?
Posted on the
-> server *infected*
can you attach a link please ?
Autor
The website is http://www.glenncoggin.co.uk which is hosted as a sub-domain off my Just Host account.
I deleted the guestbook file from the server, and as of 8:00 GMT, nothing has been added again, but I have deleted the file several times over the past week and it always comes back.
I'm also hosting an additional 2 domains with guestbooks, both of which are fine. As in, they get the normal junk messages, but not the replicating ones.
OK my friend.....
Next time this happens do not delete anything off the server.
Email Just Host immediately and tell them about what has been happening. They will inspect your server and monitor the situation should it arise again. Anything to do with the server it is their responsibility. Change your password to the server, FTP etc.... frequently. (They will tell you this anyhow)
Do NOT put (text) email addresses on your pages either, insert them as images or in a fashion where a spambot cannot recognise e.g. frank [at] mywebsite.com
The spambots crawl websites collecting email addresses......
www.frankscybercafe.com
Autor
Cheers Cheeky Man,
For you consideration I've created a zip file with the emails of the contents as submitted to the guestbook, numbered in the order they arrived.
Also pictures of what happens when the delete button on the first item is pressed, which shows how the messages increase in number. The pictures are in sequential order.
I've had to upload them to the server as they come in at more than the 1Mb limit to attach them here.
www.glenncoggin.co.uk/guestbook.zip
Thanks,
HI got the zip thanks......
I suggest now re-installing the guestbook under a different name on the server.
Then put a warning above the guestbook saying these comments will be approved before going in!! Or words to that effect. If it is a virus and replicates itself someone has entered your server.....
My forum below is being targeted by someone as we speak.... These are complete and utter morons. Unfortunately the internet is full of them ha ha
www.frankscybercafe.com
Autor
Cheers, Am doing that now.
I was wondering whether the problem is not so much a virus (linux server et al), more that the php guestbook script is not correctly handling some html content with the submitted messages.
Autor
Changing the name of the guestbook has made no difference.
Autor
The only solution I can think up would require a change in the guestbook widget.
I think how they are getting around the CAPTCHA is that if you right-click on any of the letters, you get see the name of the image, get enough image names and you know the string.
What is needed is to store the letters A - Z in say the RES directory, then when the guestbook.php is called, copy 5 letters from the A - Z and place them in a temporary directory, and name the 5 letters with randomly generated names.
In case they are using picture recognition, I'm going to replace the images with my own letters using different fonts, sizes, rotation and colours and see if that helps, if not then I'm correct that it has to do with the filenames (unless you can think of any other way that they are getting around the CAPTCHA)
Autor
Well the newly designed letters didn't work either!
Darren having delved into this further......
Some more users are having the same problems?? Cannot understand this at all!!
Send Incomedia staff a private message outlining what is happening and I would install:
www.smartgb.com
(FREE! Guestbook one I use for my V8 projects)
You cannot dwell on this problem forever Darren so you have to move on till it's sorted. This is what I would do. I've already helped another X5er install this guestbook having had the same problems as you!!
Sorry it's only a temporary solution....... Something might be causing an execution of the X5 code? Until it's solved I suggest taking this action don't you agree?
See: http://answers.websitex5.com/post/4349
www.frankscybercafe.com