[CentOS-devel] URGENT: Website and fora at risk due to automated spammer account creation

Ljubomir Ljubojevic office at plnet.rs
Thu Sep 15 08:40:36 EDT 2011


Време: 09/15/2011 12:54 PM, Fabian Arrotin пише:
> On 09/14/2011 05:44 PM, Phil Schaffner wrote:
>> http://bugs.centos.org/view.php?id=5105
>
>> Proposed approach:
>>
>> 1. Implement some automated way of deleting accounts as described above.
>> 2. Implement captcha or some other mechanism in the account creation
>> process to foil the bots.
>>
>
> I guess that someone with access to the machine and the corresponding
> mysql db/tables can do that, assuming that such 'research' has to be
> done to know what to delete from the xoops db ...
> I don't know if captcha is available for that old xoops version. What i
> did for the fr.centos.org forum (using captcha by default) was also to
> moderate the first post of every new user : spammers not seeing their
> posts appearing on the forum stop to post (i guess the bot does a check
> and stop after several attempts). That means that the moderator (me) has
> to check the first post of each new user, but that's safer and easier
> than having to deal with millions of posts from autogenerated accounts
>
> Fabian

+1


-- 

Ljubomir Ljubojevic
(Love is in the Air)
PL Computers
Serbia, Europe

Google is the Mother, Google is the Father, and traceroute is your
trusty Spiderman...
StarOS, Mikrotik and CentOS/RHEL/Linux consultant


More information about the CentOS-devel mailing list