PHPJunkyard support forum


https://developers.phpjunkyard.com/

gbook 1.5 - Does Banning IP addresses work?

https://developers.phpjunkyard.com/viewtopic.php?t=1558

Page 1 of 1

gbook 1.5 - Does Banning IP addresses work?

Posted: Sat Aug 04, 2007 2:35 pm
by Rizlaw
Script URL:
Version of script:1.5
Hosting company:Ihosts
URL of phpinfo.php:
URL of session_test.php:
What terms did you try when SEARCHING for a solution:Y

Write your message below:
I have gbook 1.5 installed and all of the anti-spam features enabled. For the most part gbook works quite well. However, recently, gbook has been notifying me of a spammer who is able to get past the defenses of gbook :evil:

The email notification I receive about this spammer states:
Name: pharma
From: africa
email: google@gmail.com
Website: ______________

Weekly, I have to delete this spam entry and check off "Ban IP address", but the spam keeps coming back. So my question is: does banning an IP address work in gbook, since it doesn't seem to be working to stop this spammer. My suspicion is that the spammer's IP address keeps changing?

Also, for anyone interested in the concept of "captchas" (the graphic with the embedded numbers) that gbook uses to try and thwart spammers) I highly recommend Steve Gibson's "Security Now!" podcast: Episode 101, entitled "Are You Human!" which can be found at:
http://leoville.tv/podcasts/sn.xml

Posted: Mon Aug 06, 2007 7:20 pm
by Klemen
IP banning does work, but like you suspected this spammer can be changing his/her IP address.

SPAM evolves, there's no denial of that. And thus GBook security needs to be updated as well, but I don't think I will have time for any major updates (if any) until the end of October.

As a temporary solution to this particular spammer you might want to reject all posts that contain "google@gmail.com" as e-mail. Can be as simple as adding this code:

Code: Select all

if ($email=='google@gmail.com') {die('Go away SPAMMER!');}
just below line 87

Code: Select all

$isprivate=gbook_input($_POST['private']);
Not a perfect solution, I know, but a temporary one nevertheless.

Posted: Mon Aug 06, 2007 9:01 pm
by Rizlaw
Klemen Stirn wrote:IP banning does work, but like you suspected this spammer can be changing his/her IP address.

SPAM evolves, there's no denial of that. And thus GBook security needs to be updated as well, but I don't think I will have time for any major updates (if any) until the end of October.

As a temporary solution to this particular spammer you might want to reject all posts that contain "google@gmail.com" as e-mail. Can be as simple as adding this code:

Code: Select all

if ($email=='google@gmail.com') {die('Go away SPAMMER!');}
just below line 87

Code: Select all

$isprivate=gbook_input($_POST['private']);
Not a perfect solution, I know, but a temporary one nevertheless.
Thanks. Along with your email I received another notification that the spammer had signed the guestbook. I will add the code now and see if it keeps him out. :)
All times are UTC
Page 1 of 1

Powered by phpBB® Forum Software © phpBB Limited