Help! I'm not sure but I think my blog has been spam-bombed...

Grievous Angel

Beast of Burden
My blog has exceeded its bandwidth. Normally this is because of people playing mixes from the browser but I don't think that's happening right now because they're all zipped, and anyway, there don't seem to be masses of downloads.

However, I looked at the logs and AFAICT old blog posts are getting thousands and thousands of spam comments. :(

When I ask CPanel for the raw logs for November, I get a NET file (no idea what this is) and when I open this in Word, which takes a while cos it's huge, all I see is entries like this:

193.251.147.242 - - [23/Nov/2005:04:13:54 -0800] "POST /wp-trackback.php/133 HTTP/1.0" 500 - "http://blog.grievousangel.net/wp-trackback.php/133"

The log file is hundreds of pages long -- 469 at last count, it keeps going up.

Correction: the log file is nearly 11,000 pages long!!!

Could a vast volume of spam comments in old posts max out my bandwidth? I pay for 10gig a month.

And is there an easy way to disable comments in all my old posts globally in Wordpress? Sadly I have an oldish version...


Aaaaaargh!
 
Last edited:

jenks

thread death
i hope it all gets sorted.

this kind of post reminds me why i don't join the blogosphere

and not having anything meaningful to say
 

sufi

lala
been thru this & thru this
my blog had 1,000s of spam comments, which bloated me database horribly, even after i deleted/blacklisted em.... now upgraded to sexy MT4 which has a kinda creaky comment approval system, but seems to keep spam at bay.... (would be so useful if anyone ever dropped an authentic comment... or if i updated tha blog :confused: )

your problem seems to be trackback ping issue tho, like people who are linking up to your content from their blogs? POST in the logs means someone's attempting to notify you about the links and add a record of the notification onto your pages - mebbie disable trackback pingingingthingy?

maybe eden knows more about wordpress? where's he got to anyway??
 

Woebot

Well-known member
blimey paul have you only just noticed! i just assumed you had this under control or just werent bothered!

bummer anyway :-(
 

Grievous Angel

Beast of Burden
your problem seems to be trackback ping issue tho, like people who are linking up to your content from their blogs? POST in the logs means someone's attempting to notify you about the links and add a record of the notification onto your pages - mebbie disable trackback pingingingthingy?
Yeah -- but I think you need to do it for every single post!
maybe eden knows more about wordpress? where's he got to anyway??
He upgraded to 1.5 and nearly lost his whole blog in the process, but it has some slightly better spam control tools.

He's doing missionary work in Africa just now.
 

Grievous Angel

Beast of Burden
WOEBOT said:
blimey paul have you only just noticed! i just assumed you had this under control or just werent bothered!bummer anyway :-(
Well, it's a question of scale. Obviously I've had comments box spam for ages like everyone else -- if you post to Dissensus and you blog, the spammers come after you -- and I've noticed that there are one or two trackback pings coming through on email. But only one or two... I estimate there are 117,000 of the buggers in that log file... I think there's enough there to nuke my bandwidth, which is what's new -- but am I being stupid to think that?

At this rate I'm going to give up on WordPress and go to LiveJournal or blogger...
 

john eden

male pale and stale
He is back.

Email p4host and see if they can upgrade you to 1.5 remotely.

I think the only reason you can't do this already is because the blog is in a subdomain. My upgrade to 1.5 was a piece of piss - just clicked on a link in cpanel. Subsequent upgrades were a bit more problematic, but that need not bother you.

1.5 has a spamword blacklist and you can retrospectively apply it to previous posts, deleting the ones with suspect words. It also has "mass edit" which will let you delete what is left fairly easily.

If you get it sorted I will email you my blacklist which has new words added to it as new spam comes in.
 
D

droid

Guest
Shit Paul - bad juju. Noticed you went down a couple of days ago - but didnt think it was cos of spam.

Have you looked through the forums and open source sites for help? What verison you running? 1.2?

http://weblogtoolscollection.com/ar...ss-blacklist-comment-spam-filteration-system/

A friend of mine invented this one:

http://www.ioerror.us/software/wp-spamassassin/

Another one:

http://elliottback.com/wp/archives/2004/11/29/spam-stopgap-extreme/

And heres Spam Nuker for WP 1.5 - but he might have an earlier version on there as well...

http://www.chrisjdavis.org/2005/03/03/mass-delete-15/

If none of that works youre just gonna have to go through it in PHP admin and delete them all.... :(
 
D

droid

Guest
john eden said:
He is back.

Email p4host and see if they can upgrade you to 1.5 remotely.

I think the only reason you can't do this already is because the blog is in a subdomain. My upgrade to 1.5 was a piece of piss - just clicked on a link in cpanel. Subsequent upgrades were a bit more problematic, but that need not bother you.

1.5 has a spamword blacklist and you can retrospectively apply it to previous posts, deleting the ones with suspect words. It also has "mass edit" which will let you delete what is left fairly easily.

If you get it sorted I will email you my blacklist which has new words added to it as new spam comes in.


Welcome back!

How was it? The situation over there sounded a bit ropey whilst you were visiting...
 

Grievous Angel

Beast of Burden
I'm backing up my home directory (probably take all day) and then I'm gonna try and u/g to 1.5 in Cpanel.

Then wait til December for it come back to life so I can fiddle with wordpress :eek:
 
D

droid

Guest
If you want a bit of server space to test it in the meantime - i might be able to help....
 

john eden

male pale and stale
droid said:
Welcome back!

How was it? The situation over there sounded a bit ropey whilst you were visiting...

It was mad, in a good way.

We had good contacts about where to avoid, so no problems from rebel guerillas or from the slow slide towards dictatorship. More soon!
 
Top