Hosting Server does not allow pixelpost because of spammers

Visualpixel,

first step would be for sure to upgrade to PP 1.4.2
because we made these changes in 1.4.2 to stop this

but even if you upgrade to 1.4.2, the spam bots will attack PP because they have this URL of you in their lists...

so, the first steps should be:

move PP to another directory/subdomain
upgrade to 1.4.2

good luck!

[bretzelman]

Why did you finally not used the blacklist words antispam that I put on my templates since pixelpost 1.3? I'm not sure, but it seems that you talked about that when I was in the dev forum.

[raminia+]

try this new solution too. very small modification
http://www.pixelpost.org/forum/viewt...?p=11238#11238

i'm responsible for http://negimaki.com/ hosting a few hundred PixelPost 1.4.x sites and have been following this "referer spam" for quite sometime now. there's no "one-shot" solution for this problem. a combination of log analysis, adding firewall rules and such are just some of the many ways to slow down rampant occurance.

if you are running Apache and have access to httpd.conf or php.ini on a UNIX/Linux environment, you can use PHP's auto_prepend capability to with th following tools:

Referer Karma
http://unknowngenius.com/blog/wordpress/ref-karma/

Bad Behavior
http://ioerror.us/software/bad-behavior/

for another layer of protection, you can also use this tool to create special filters.

mod_security (an Apache module)
http://modsecurity.org/

if you are a server admin, you better get to work. and if you don't have access to those files, be sure to bug your service provider for it.

[raminia+]

Thank you for infomation and sharing your experties.

I've made an addon from Bad Behavior for Pixelpost and it seems it works somehow...
Link:
http://www.pixelpost.org/forum/viewt...?p=11374#11374

scaturan,

thanks for your suggestions

the Bad Behaviour-script will be available as AddOn very soon, but we tested it and we did not satisfy us so well
In the moment I am checking the effect of that script ...

thanks again

[blinking8s+]

ban...humph, thats a little harsh, things like this do happen in ounger application. Several major hosts that noticed issues came right to us and mentioned the issue and suggested the areas to the fix. To ban it is extremely premature for the situation.

[visualpixel]

Hey guys,

Sorry for the long overdue reply but just wanted to let you guys know that I was able to get my site back up. I actually changed hosting servers, so I'm now being hosted by Eleven2. I also installed the bad behavior and the anti-comment spam addons. I'm still getting referral spam and bad behavior is stopping some of it. I did let Eleven2 know about my problem before I switched (apparently I was the first person to let them know about pixelpost being vulerable to spammers) and they said that they would try and stop it. Anyways thanks for all the help guys.

-Mark

with referer spam, it's no longer an issue with just PixelPost. i can post some excerpts of my Apache logs but that'll just be pointless. system administrators and web hosting customers both have to be proactive. unfortunately, one has to filter a few sets of IP-range (cidr) originating from China, Korea and Mexico to cutdown the load. and that's just the beggining and for most, it's not an option. in addition to Bad Behavior, Referer Karma, i also have mod_security filters and special Apache directives to redirect referer spam to a separate log file for analysis. even then, it's still not enough. =)

for System Admins, you might find a small tutorial i wrote to combat this problem at http://www.webhostingtalk.com/showth...hreadid=448388