Cool plugin, but there is a pretty serious oversight in this plugin which led to a ton of abuse recently.
The remote cache option states the following: "Duration in minutes that remote queries should be cached to reduce query traffic / lookup duration and load on the remote server"
However the code says this:
// Plugin's original purge: the option is documented in minutes, but the interval unit here is DAY
$sql = 'DELETE FROM '.TABLE_PREFIX.'glowhostspamomatic_remotecache WHERE `date` < DATE_SUB(NOW(), INTERVAL '.(int)$vbulletin->options['glowhostspamomatic_remote_cache'].' DAY); ';
So we were hit by a botnet (one new registration attempt every four seconds, not even exaggerating) and we were expecting that, after an IP was reported, we wouldn't see that IP registering again after the 30-minute cache timeout. This led to two issues:
1) The cache isn't cleared for the banned user immediately, meaning the bot could immediately re-register without SFS being checked for the new entry.
2) The cache was 30 days old, so the same IP would literally create thousands of accounts before the cache would clear and start reporting the abuse.
This also led to another observation of the code. The order of checks goes username, email, IP. However, the order of checks (to take advantage of the cache) should go IP, email, username. The code shouldn't even waste time querying for a bad username if it knows the IP is bad, so why put unnecessary strain on the SFS service by querying for the username if the IP is bad?
So, as I said, great plugin, but it needs some changes to work properly on a high-traffic site effectively.
Edit: I thought I'd mention how I changed the query. This should hopefully increase cache efficiency also:
// Rewritten purge: negatives (is_spambot = 0) expire after the configured MINUTES, positives (is_spambot = 1) are kept for that many DAYS
$sql = 'DELETE FROM '.TABLE_PREFIX.'glowhostspamomatic_remotecache WHERE (`date` < DATE_SUB(NOW(), INTERVAL '.(int)$vbulletin->options['glowhostspamomatic_remote_cache'].' MINUTE) and is_spambot = 0) or (`date` < DATE_SUB(NOW(), INTERVAL '.(int)$vbulletin->options['glowhostspamomatic_remote_cache'].' DAY) and is_spambot = 1); ';
This would delete SFS negatives that are 30 minutes old, while letting SFS positives sit in the database cached for 30 days.
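The two fixes the post describes, the split-expiry purge and the IP-first check order, modelled in Python with sqlite3 as an added example (not the plugin's own code). Only the `date` and `is_spambot` columns come from the post; the table name, the `kind`/`value` columns, the `remote_lookup` stub and the sample rows are assumptions.

```python
import sqlite3
from datetime import datetime, timedelta

# Constructed cache table; only `date` and `is_spambot` are column names from
# the post, `kind` and `value` are assumed (what is cached per remote lookup).
SCHEMA = ("CREATE TABLE remotecache (kind TEXT, value TEXT, "
          "date TEXT, is_spambot INTEGER)")

def purge_expired(conn, now, cache_minutes):
    """The post's corrected purge: negatives (is_spambot = 0) expire after the
    configured minutes, positives (is_spambot = 1) are kept for that many days."""
    neg_cutoff = (now - timedelta(minutes=cache_minutes)).isoformat(" ")
    pos_cutoff = (now - timedelta(days=cache_minutes)).isoformat(" ")
    cur = conn.execute(
        "DELETE FROM remotecache WHERE (date < ? AND is_spambot = 0) "
        "OR (date < ? AND is_spambot = 1)", (neg_cutoff, pos_cutoff))
    return cur.rowcount

def check_registration(conn, now, ip, email, username, remote_lookup):
    """IP, email, username order: a cached (or freshly reported) spambot IP stops
    the check before the email/username remote queries are ever sent.
    Returns (is_spambot, number_of_remote_lookups)."""
    lookups = 0
    for kind, value in (("ip", ip), ("email", email), ("username", username)):
        row = conn.execute("SELECT is_spambot FROM remotecache WHERE kind = ? "
                           "AND value = ?", (kind, value)).fetchone()
        if row is None:
            lookups += 1                      # cache miss: ask the remote service
            hit = remote_lookup(kind, value)
            conn.execute("INSERT INTO remotecache VALUES (?, ?, ?, ?)",
                         (kind, value, now.isoformat(" "), int(hit)))
        else:
            hit = bool(row[0])               # cache hit: no remote traffic
        if hit:
            return True, lookups
    return False, lookups

def demo():
    """Constructed scenario: one stale negative, one old positive, one fresh negative."""
    now = datetime(2012, 1, 1, 12, 0, 0)
    conn = sqlite3.connect(":memory:")
    conn.execute(SCHEMA)
    rows = [("ip", "203.0.113.5", now - timedelta(minutes=45), 0),      # stale negative
            ("ip", "198.51.100.9", now - timedelta(days=10), 1),        # positive, kept
            ("email", "a@example.com", now - timedelta(minutes=5), 0)]  # fresh negative
    conn.executemany("INSERT INTO remotecache VALUES (?, ?, ?, ?)",
                     [(k, v, d.isoformat(" "), s) for k, v, d, s in rows])
    purged = purge_expired(conn, now, 30)
    remote = lambda kind, value: kind == "ip"   # stand-in service: flags unknown IPs
    verdict, lookups = check_registration(conn, now, "198.51.100.9",
                                          "x@example.com", "bob", remote)
    return purged, verdict, lookups            # (1, True, 0)
```

With a 30-minute setting the stale negative is the only row purged, and a repeat attempt from the cached positive IP is rejected with zero remote lookups.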