gbook 1.5 - Does Banning IP addresses work?

Dr. GBooky is here to help you with your guestbook problems ...
Post Reply
Rizlaw
Posts: 8
Joined: Sun Feb 19, 2006 7:26 pm

gbook 1.5 - Does Banning IP addresses work?

Post by Rizlaw »

Script URL:
Version of script:1.5
Hosting company:Ihosts
URL of phpinfo.php:
URL of session_test.php:
What terms did you try when SEARCHING for a solution:Y

Write your message below:
I have gbook 1.5 installed and all of the anti-spam features enabled. For the most part gbook works quite well. However, recently, gbook has been notifying me of a spammer who is able to get past the defenses of gbook :evil:

The email notification I receive about this spammer states:
Name: pharma
From: africa
email: google@gmail.com
Website: ______________

Weekly, I have to delete this spam entry and check off "Ban IP address", but the spam keeps coming back. So my question is: does banning an IP address work in gbook, since it doesn't seem to be working to stop this spammer. My suspicion is that the spammer's IP address keeps changing?

Also, for anyone interested in the concept of "captchas" (the graphic with the embedded numbers) that gbook uses to try and thwart spammers) I highly recommend Steve Gibson's "Security Now!" podcast: Episode 101, entitled "Are You Human!" which can be found at:
http://leoville.tv/podcasts/sn.xml
Top
Klemen
Site Admin
Posts: 10116
Joined: Fri Feb 11, 2005 4:04 pm

Post by Klemen »

IP banning does work, but like you suspected this spammer can be changing his/her IP address.

SPAM evolves, there's no denial of that. And thus GBook security needs to be updated as well, but I don't think I will have time for any major updates (if any) until the end of October.

As a temporary solution to this particular spammer you might want to reject all posts that contain "google@gmail.com" as e-mail. Can be as simple as adding this code:

Code: Select all

if ($email=='google@gmail.com') {die('Go away SPAMMER!');}
just below line 87

Code: Select all

$isprivate=gbook_input($_POST['private']);
Not a perfect solution, I know, but a temporary one nevertheless.
Klemen, creator of HESK and PHPJunkyardWas this helpful? You can buy me a drink here Image

Image You should follow me on Twitter here

Help desk software | Cloud help desk | Guestbook | Link manager | Click counter | more PHP Scripts ...

Also browse for php hosting companies, read php books, find php resources and use webmaster tools
Top
Rizlaw
Posts: 8
Joined: Sun Feb 19, 2006 7:26 pm

Post by Rizlaw »

Klemen Stirn wrote:IP banning does work, but like you suspected this spammer can be changing his/her IP address.

SPAM evolves, there's no denial of that. And thus GBook security needs to be updated as well, but I don't think I will have time for any major updates (if any) until the end of October.

As a temporary solution to this particular spammer you might want to reject all posts that contain "google@gmail.com" as e-mail. Can be as simple as adding this code:

Code: Select all

if ($email=='google@gmail.com') {die('Go away SPAMMER!');}
just below line 87

Code: Select all

$isprivate=gbook_input($_POST['private']);
Not a perfect solution, I know, but a temporary one nevertheless.
Thanks. Along with your email I received another notification that the spammer had signed the guestbook. I will add the code now and see if it keeps him out. :)
Top
Post Reply

Return to “GBook - guestbook”