In case your curiosity gets the best of you, DO NOT come to my site and apply for membership if you are NOT a biker. You will most likely NOT be very welcome and your account will more than likely be deleted. No apologies, that is just the way things are these days.
I know this thread is sort of old, but I need to let people know what I've experienced.
I was getting spammed like everyone else until I downloaded the Security System infusion.
Just a further note:
After getting yet another variation of the .info mail addy trying to register on my site I decided to do a reverse dns which pointed to "client-151-204-179-29.hamilton.k12.nj.us". A quick Whois revealed the registrant authority is : "neustar.us" and their support e-mail was of course listed.
So I mailed them and they replied with the details of the machine on that ip. It's a School in New Jersey !!!
As with all K12.NJ.US delegates (per RFC 1480), this is a school district or school in New Jersey.
According to the New Jersey Department of Education, the proper contacts for this school are:
90 Park Avenue
Hamilton Square, NJ 08690
Mr. Neil Bencivengo, Superintendent 609-631-2102
Mrs. Carol Chiacchio, Board Secretary/Business Administrator 609-631-4100
Please contact them for further assistance.
The server is "infected" perhaps if we find out what it's infected with we might get a clue how it works ?
Also for security reason isn't good thing to put users agreement text and button before they see registration form? On my test site I have that also. Don't have a spam but also that site is mostly in maintance, just sometimes I open her. But in the statistic I saw that IP numbers with 6...... visited that site.
Well, another hit. I came up with one solution, I don't know is it helpfull.
I managed to change in edit_profile.php that members cannot change theirs emaill address until they have 50 forums posts. Before that I get few of them registered and they spamed news and article comments with few comments. One time I sow one when he was online. I was banned him and delete him. After that I made changes in edit_profile.php and found one just register but without comments. Maybe it is good idea to leave theirs usernames, but change everything for them, like pass and mail? This is code. I don't know is it compatible with other versions becouase my files are moded a lot.
Anywhere in edit_profile.php found form for edit e-mail address and change end of the row (tr) before that form, e-mail form and just start of the tr code after email form in something like that. So after all only admin will be able to edit members emails all the time. Members must have 50 (less or more) forum posts to have ability to edit theirs email. Why should anywhere they change mails before that?
Hi WEC, thanks for having a look. I'm using PHP 5.0.5 on MySQL 4.1.7
The site is running on a W2K3 Server, IIS, and the browser is IE 6.0
I double checked I copied the extra code and it all looks fine ??
I just installed FF and still get opensesame-0. If I put opensesame-0 it doesnt log in
The tests i have made are on Apache servers. I think your problem is caused by you IIS configuration.
This is a quote from php.net that might help you:
Also note that until PHP 4.3.3, HTTP Authentication did not work using Microsoft's IIS server with the CGI version of PHP due to a limitation of IIS. In order to get it to work in PHP 4.3.3+, you must edit your IIS configuration "Directory Security". Click on "Edit" and only check "Anonymous Access", all other fields should be left unchecked.
Another limitation is if you're using the IIS module (ISAPI) and PHP 4, you may not use the PHP_AUTH_* variables but instead, the variable HTTP_AUTHORIZATION is available. For example, consider the following code: list($user, $pw) = explode(':', base64_decode(substr($_SERVER['HTTP_AUTHORIZATION'], 6)));
IIS Note:: For HTTP Authentication to work with IIS, the PHP directive cgi.rfc2616_headers must be set to 0 (the default value).
Need help?, Having trouble?
• View our Documentation for Guides, Standards and Functions
• Name and Organize your content correctly in the corresponding Forums for best support results
• Attaching Log Files and Screenshots when reporting issues will help
• Please read and comply with the Code of Conduct
Our site too has also been hit with some porn spams. They were originally using .info to spam comments in the news articles which were quickly deleted and stopped by adding admin verification. We have since received some e-mails with links using hotmail.com addresses, i don't know if this is a bot or a legitimate member's idea of a joke since we made them aware.
http://www.ip2location.com is useful for tracking down IP locations
http://www.afilias.info for tracking the account holder details of .info addresses.
http://www.scamfraudalert.com a discussion forum that has a thread that has been tracking these spammers for quite a while now.
Hope you find them useful in some way.
Is there some way of reporting these people once their identity has been tracked as we believe we have the exact address of the above culprit who is US based?
You can view all discussion threads in this forum. You can start a new discussion thread in this forum. You cannot reply in this discussion thread. You cannot start on a poll in this forum. You cannot upload attachments in this forum. You cannot download attachments in this forum.