Attacked…

Two of my communities were attacked by spam bots earlier today. Get this, they register 80 accounts (per site) and make hundreds or thousands of posts within minutes. They make one post per basically every thread on the entire website.

I had it cleaned up in a half hour. First, I went ahead and turned user e-mail activation on, so that they couldn’t do it again (and probably won’t be able to do it again). You see, they register all these accounts with bogus e-mails. So, if they have to confirm them via e-mail to post… they’ll never be able to post. Then I have a nice phpBB hack installed that allows me to delete all inactive accounts with a few clicks.

Anyway, back to today. I found a hack that would allow me to delete all posts made by a certain user. They had spread their posts out across maybe 80-100 user accounts overall, so I just did each username individually over and over and I was done in a little while. Then I deleted all of the bum accounts with a query in phpMyAdmin.

I now have e-mail activation turned on at all of my communities and I recommend that you do the same. I used to say that small communities should do without it, but I’ve changed my tune. The good far outweighs the bad. These guys try to register accounts on my sites all the time, but because I have the e-mail activation turned on and that hack installed, I can delete their accounts within 30 seconds. Piece of cake.

Some people have too much time on their hands.

Patrick O'Keefe

Managing online communities since 2000, I publish a collective of websites known as the iFroggy Network. I wrote the book Managing Online Forums and, as a public speaker, have presented for organizations like CNN, institutions like Australian National University and conferences like SXSW. More about me.

2 Comments

A_Jelly_Doughnut

about 15 years ago

I was going to reply to this earlier saying it won't matter...it obviously hasn't, there have been 5 users spamming over 100 posts each at phpBBhacks.com. I guess it is reduced, but certinally not solved.

Running a site isn't always fun :rollseyes:

Reply

Patrick

about 15 years ago

Yeah, not always fun. :)

But, it does matter. Anytime that you can create one extra step without really bothering real users, it matters. Nothing will be an absolute, but it is something.

Reply

Leave a Comment

Thank you for taking the time to read this post. If you would like to comment, I welcome you to do so. Please keep in mind that the atmosphere here is kind, respectful and work appropriate. If you can't disagree without being polite, this probably isn't the best place to comment.

I'm probably more strict as far as advertising goes than other sites you've commented on. If you aren't sure if something is OK, please contact me privately (rather than in the comments) or read the full Comment Guidelines. Participation constitutes acceptance of the guidelines.