Jump to content

Advanced Guestbook


Recommended Posts

Ok I set the guestbook flooding level to allow one post per day, but would like to block these jerks completly.....they use different yahoo accounts usually with just a first name....I have a feeling these are not valid email addy's. I don't see a IP address or maybe I don't know what I am looking at....this is the data from the admin area:

 

Vova

vova@yahoo.com

Location:

Florida

 

Tue, July 12, 2005 15:10 IP: 115.Red-80-32-151.pooles.rima-tde.net

URL: http://levit.hautlynx.com/

 

Is there a way to block all with a @yahoo.com addy?

 

Thanks!

Donna

Link to comment
Share on other sites

When you go into Easy Admin, does the IP show on the right? Most of the time they do for me, but not always. If so you can just block the IP. I don't know of any way to block e-mail, and they can just enter something else anyway.

 

I don't think the features in AG work all the time. I set my comments to be password protected and I still get spammed. It wasn't bad til about two or three weeks ago. Now I'm seriously contemplating taking it down. Shame - we've had some fun posts over the past year.

Link to comment
Share on other sites

I have been through at least 2 recent upgrades as well as implementation of image verification and I am still getting absolutely hammered with bogus entries. I have in fact taken them all (AGs) down and I really do not know if I will do yet another upgrade. Sort of like throwing good time after bad at this point.

 

To echo bellringr it is a shame because I've "met" a lot of real great folks.

Link to comment
Share on other sites

When you go into Easy Admin, does the IP show on the right?  Most of the time they do for me, but not always.  If so you can just block the IP.  I don't know of any way to block e-mail, and they can just enter something else anyway.

 

I don't think the features in AG work all the time.  I set my comments to be password protected and I still get spammed.  It wasn't bad til about two or three weeks ago.  Now I'm seriously contemplating taking it down.  Shame - we've had some fun posts over the past year.

 

Yes but the IP is not complete.....some of these are comming from Russia......as the country code at the end of other entries are .ru or maybe that's Romania.

Link to comment
Share on other sites

I have been through at least 2 recent upgrades as well as implementation of image verification and I am still getting absolutely hammered with bogus entries. I have in fact taken them all (AGs) down and I really do not know if I will do yet another upgrade. Sort of like throwing good time after bad at this point.

 

To echo bellringr it is a shame because I've "met" a lot of real great folks.

 

Yep it will be a shame to have to dump it.

Link to comment
Share on other sites

I am giving up on AVG

it will be a pain, but I am switching to viper with post approval.

 

For now I have copied the index.php over to entry.php and admin.php

so both links goto the GB.

 

I don't know anything about Viper but will check it out........thanks Don!

Link to comment
Share on other sites

I have been through at least 2 recent upgrades as well as implementation of image verification and I am still getting absolutely hammered with bogus entries. I have in fact taken them all (AGs) down and I really do not know if I will do yet another upgrade. Sort of like throwing good time after bad at this point.

 

To echo bellringr it is a shame because I've "met" a lot of real great folks.

 

Well it took some doing but I was able to HUNT [track] down what the real IP numbers were and have blocked em....the host is in SPAIN...so far no break thurs :flex:

Link to comment
Share on other sites

Just for this very reason, I removed my Guestbook from one of my sites. Once it starts it multiplies exponentialy, however, I left the AVG on my other site which started getting slammed. What I did was restrict the word length for the message body to 30 chr.

 

The spammers were coming in and stating something like "Very nice site! followed by perhaps 10 URL's. As it turns out, on average a URL exceeds 30 chr. They have not come back in 3 weeks since I made the change. An error message will appear on the screen and block the input.

 

Loren

Link to comment
Share on other sites

  • 1 month later...
I use the image verification mod for Advanced Guestbook and have never been spammed.  You may want to look into something similar.

 

 

Hello.. reading this thread, just recently I've gotten spammed hard.. I've saived the emails.. thought there was a way perhaps to report them but now I'm thinking it is probably a lost cause. How do I get the "Image Verification mod" you mention so I can try it? If I use that, will I lose my existing entries?

 

Thanks,

Ron

Link to comment
Share on other sites

The image verification works well but is not that well integrated into the guestbook. I have written a number of anti spam modifications for Advanced Guestbook with the most successful being the human verification. You can find all the mods I wrote on the Advanced Guestbook forum at http://proxy2.de or have a look at Lazarus which has them built in (not the image verification though).

 

Oh and you will also find my mod to make AG store the IP address and not the hostname there as well. Again this is an option in Lazarus

Edited by carbonize
Link to comment
Share on other sites

As I have already told two other people via PM you need to update from 2.3.1 to either 2.3.3 or Lazarus. 2.3.1 has 2 documented exploits that 2.3.3 and Lazarus patch. As to stopping spam take a look at the Advanced Guestbook forum on http://proxy2.de

 

Ignore the anti spam comments as I see you are using my image verification mod.

Edited by carbonize
Link to comment
Share on other sites

  • 2 weeks later...
I ended up leaving my guestbooks in place after it was suggested to just change the name of the folder. Been 6 weeks and I haven't had a single new incident.

 

I renamed entry and comment-related scripts. Worked for a while, until the spammers caught on.

 

Later on I upgraded to Lazarus (AGB's cousin), which uses a user-defined question to test against bots. Alas, the spammers took pains to answer the question, so I still got spam. i.e. Against human-delivered spam I am still at a loss as to how best to deflect them.

 

I checked to see if these spammers are using blacklisted open proxies (which would make it possible to block posts coming from them), well, apparently not :(

 

I may end up having to approve all posts manually, at least until the human spammers give up.

Edited by a__kc
Link to comment
Share on other sites

Hmm I would be suprised if the spammers bothered to get your anti bot test question and put it in their script/program. The one thing I alway sask people who say they are getting spam even with the human verification is this, do you have another copy of either Lazarus or Advanced Guestbook on your server that is pointing at the same database as the copy you use on your site?

Link to comment
Share on other sites

Thats what I had to do, and no more spam,

its a small price to pay to have to approve an entry.

The spammers try once and give up

 

TCH-Don, newbie here requesting some help. My guestbook is getting spammed and I would love to be able to moderate posts. I am not a PHP developer or a programmer for that matter. Do you think you could walk me through the steps to setup an approval process like you did? Any help would be very much appreciated.

 

Thanks!

 

Mary Beth :)

Link to comment
Share on other sites

TCH-Don, newbie here requesting some help.  My guestbook is getting spammed and I would love to be able to moderate posts.  I am not a PHP developer or a programmer for that matter.  Do you think you could walk me through the steps to setup an approval process like you did?  Any help would be very much appreciated.

 

Thanks!

 

Mary Beth  :)

Which guestbook script are you currently using?

Link to comment
Share on other sites

Which guestbook script are you currently using?

 

Hi Carbonize,

 

Thanks for the reply, I'm using Advanced Guestbook version 2.3.3. I was just on your Lazarus site and I have no idea how to switch. This is all new to me. Don't you love us clueless people? :dance:

 

Mary Beth

Edited by marybetht
Link to comment
Share on other sites

Lazarus is based upon Advanced Guestbook and uses the exact same database structure. I always recommend backing up your database first just to be safe. Simply download Lazarus, edit the database information in admin/config.inc.php file to match that in the config.inc.php file of your Advanced Guestbook. Then upload Lazarus to your space and visit install.php in your web browser and select the update option to add the new fields etc to the database.

Link to comment
Share on other sites

Lazarus is based upon Advanced Guestbook and uses the exact same database structure. I always recommend backing up your database first just to be safe. Simply download Lazarus, edit the database information in admin/config.inc.php file to match that in the config.inc.php file of your Advanced Guestbook. Then upload Lazarus to your space and visit install.php in your web browser and select the update option to add the new fields etc to the database.

 

Hi Carbonize,

 

Well, I actually found the admin/config.inc.php file, so that's a start. Don, I'll back that file up to my hard drive first, thanks.

 

Thanks for all the help guys, I think this will get me going. I'm at my "real" job right now, so I'll try this later. :dance:

 

One last question, is there anyway to not lose my posts?

 

 

MB

Edited by marybetht
Link to comment
Share on other sites

You can also goto your cpanel > backup and download a back up of your database, may be called agbook1.gz

just click on it and save it as a backup.

 

I actually removed all my guestbook files in my guestbook folder

after downloading them to my computer and started fresh with Lazarus.

Link to comment
Share on other sites

You can also goto your cpanel > backup and download a back up of your database, may be called agbook1.gz

just click on it and save it as a backup.

 

I actually removed all my guestbook files in my guestbook folder

after downloading them to my computer and started fresh with Lazarus.

 

 

Thanks, Don, I just downloaded a copy of agbook1.gz.

 

MB

Link to comment
Share on other sites

  • 2 months later...

I did some things that to help slow these spammer criminals down but I haven't stopped them. I upgraded to the latest version of AdvancedGuestbook but I don't see any improvement. I will try some of the other suggestions I see in this forum. I changed the flood control to a time interval of 10 minutes and will keep increasing it as necessary. To protect my guests I censored "http" to cause the spammer URL to be invalid if it is entered in the comments. I also censored most of the product and medication names that are usually in these messages. This doesn't stop them but is my little way of getting back at them. I changed the name of the directory and that worked for a few days but it didn't take them long to find it again so that was a fruitless effort. I have not had a problem (yet) with images but that will probably be the next thing. I pulled my guest book for about a week and for some reason I wasn't bothered for a couple of weeks after I put it back on-line. I hate to loose my old guest remarks if I have to change to another program. ;)

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...