Spambots as DDoS? (Read 3,825 times)
Dandello
YaBB Administrator
Re: Spambots as DDoS?
Reply #2 - Mar 6th, 2013 at 9:07pm
I get nearly 500 attempts a day on a not very busy forum (the testbed) and at least a couple Guardian notices a day of bad actors trying stuff. I'm guessing your subject matter was/is controversial enough to warrant some serious attacks.

I'm sorry your suggestion concerning .htaccess banning of repeated attempts didn't get picked up to get worked on. It's something that might be valuable.  Embarrassed
  

If you only have one solution to a problem you're not trying hard enough!
George Maschke
Re: Spambots as DDoS?
Reply #1 - Mar 6th, 2013 at 8:22pm
Well, the sheer volume of registration attempts by spam bots has caused my webhosting company, CanadianWebhosting.com, to suspend my account permanently. To be sure: spam was not being posted on my forum. The spam bots were only rarely successful in registering an account. But the sheer volume of registration attempts from various IP addresses has repeatedly overwhelmed the server.

Again, I'm curious as to whether any other YaBB admins have had similar problems with their forums, or is mine an exceptional case?
  

 
George Maschke
Spambots as DDoS?
Jan 5th, 2013 at 7:36am
My forum (https://antipolygraph.org/cgi-bin/forums/YaBB.pl) has been under constant assault by spambots for some time now. While various security features in YaBB have prevented most automated registrations and spam postings, the sheer volume of attempts has caused the site's CPU, memory, and input/output usage to exceed quotas. Last month, our webhosting company temporarily suspended our account to prevent a server crash.

I'm wondering whether any other YaBB admins have experienced similar issues? Any ideas on solutions?

My (hopefully temporary) fix has been to disallow automated registration, guest posting, and guest broadcast PMs to admins. Instead, I've put a note in the forum template telling readers to e-mail us to request an account.

It would be great if YaBB could recognize, say, X repeat failed CAPTCHA responses from an IP address and then, through .htaccess, deny further requests from that IP address for Y minutes.
« Last Edit: Jan 5th, 2013 at 7:38am by George Maschke »  
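
The rate-limit idea proposed in the post above (X failed CAPTCHA responses from one IP address, then an .htaccess denial for Y minutes), sketched as an added example; it is not YaBB code and not part of the original thread. It assumes a hypothetical feed of (time, IP) records for failed CAPTCHAs, Apache 2.4 `Require` syntax, and constructed values for X, Y and the counting window.

```python
import ipaddress
from collections import defaultdict, deque

MAX_FAILS = 5        # "X" failed CAPTCHA responses (assumed value)
WINDOW_SECS = 600    # failures must fall inside this sliding window (assumption)
BAN_SECS = 30 * 60   # "Y" minutes of denial (assumed value)
BEGIN, END = "# BEGIN captcha-bans", "# END captcha-bans"

# Constructed sample: (unix_time, client_ip) per failed CAPTCHA, in time order per IP.
SAMPLE_EVENTS = (
    [(1000 + 10 * i, "203.0.113.7") for i in range(5)]
    + [(1005, "198.51.100.9"), (1900, "198.51.100.9")]
    + [(1020, "192.0.2.1\nRequire all granted")]  # hostile value, must be dropped
)

def active_bans(events, now):
    """Return {ip: expiry} for bans still in force at time `now`."""
    recent, bans = defaultdict(deque), {}
    for ts, raw_ip in events:
        try:
            # Only a parsed IP literal may ever reach the config file.
            ip = str(ipaddress.ip_address(raw_ip))
        except ValueError:
            continue
        q = recent[ip]
        q.append(ts)
        while ts - q[0] > WINDOW_SECS:
            q.popleft()
        if len(q) >= MAX_FAILS:
            bans[ip] = ts + BAN_SECS
            q.clear()
    return {ip: exp for ip, exp in bans.items() if exp > now}

def render_block(bans):
    """Apache 2.4 authorization block denying each banned address."""
    rules = [f"    Require not ip {ip}" for ip in sorted(bans)]
    return "\n".join([BEGIN, "<RequireAll>", "    Require all granted",
                      *rules, "</RequireAll>", END])

def update_htaccess(text, bans):
    """Swap the managed block in .htaccess text; other directives are kept."""
    block = render_block(bans)
    if BEGIN in text and END in text:
        head, rest = text.split(BEGIN, 1)
        return head + block + rest.split(END, 1)[1]
    return (text.rstrip("\n") + "\n" if text.strip() else "") + block + "\n"
```

Regenerating the block on a schedule lets expired bans drop out on their own, and a denied request is refused by Apache before the forum CGI script is started.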
