Go Back   vb.org Archive > vBulletin 4 Discussion > vB4 General Discussions
FAQ Community Calendar Today's Posts Search

Reply
 
Thread Tools Display Modes
  #1  
Old 06-14-2012, 11:28 PM
hunter22375 hunter22375 is offline
 
Join Date: Mar 2008
Posts: 153
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default Huge Spike in Guests on Board

I have WAY more guests on my board than usual. I normally run about 600+ and right now I am at over 3800!!!!!! Also, I am receiving about 500 undeliverable emails a day in my inbox as if people attempted to sign up with a bogus email and could not confirm it. Neither the board or my third party member management system show all these failed sign ups and I have human verification turned on using Captcha. Has anyone had this happen to them? Is it some sort of an attack to overwhelm my board?
Reply With Quote
  #2  
Old 06-15-2012, 02:58 PM
Bluemax712 Bluemax712 is offline
 
Join Date: Oct 2010
Posts: 186
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

One thing to check is make sure your MySQL server isn't exposed or at least limit outside connections to it.
There is a relatively new vulnerability that is trivial to pull off if your server hasn't been patched yet.

http://www.h-online.com/open/news/it...e-1614990.html
Reply With Quote
  #3  
Old 06-15-2012, 03:59 PM
hunter22375 hunter22375 is offline
 
Join Date: Mar 2008
Posts: 153
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

I read the article and, for the most part, have an idea of what I had an idea of what it was saying. What my question then becomes is, why aren't all these new fake members showing up in vB or my third party member management system? Because regardless if a member fails to confirm their email because they provided a bogus one, their screen name still shows up and they get added to the total member amount.....which has not changed along with the hundreds of undeliverable emails I have been receiving.
Reply With Quote
  #4  
Old 06-15-2012, 04:08 PM
Bluemax712 Bluemax712 is offline
 
Join Date: Oct 2010
Posts: 186
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

I only mentioned the MySQL vulnerability thinking if it is open to outside connections
it could be attracting people looking to break in.

Do you use Glowhost Spam-O-Matic (highly recommended)
https://vborg.vbsupport.ru/showthrea...t=Spam-O-Matic

It will block a lot of bots and has a good logging system telling you what it's doing
Reply With Quote
  #5  
Old 06-15-2012, 11:40 PM
hunter22375 hunter22375 is offline
 
Join Date: Mar 2008
Posts: 153
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Thanks, I don't pretend to know alot about server management so I appreciate the help. I'm not even sure if how I described the issue made sense...lol. I will look into that. Thanks again.
Reply With Quote
  #6  
Old 06-15-2012, 11:51 PM
Andy Andy is offline
 
Join Date: Sep 2003
Location: San Francisco
Posts: 138
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by hunter22375 View Post
I have human verification turned on using Captcha.
Which captcha are you using? The Question & Answers or the one that requires entering in a few characters?
Reply With Quote
  #7  
Old 06-16-2012, 12:32 AM
hunter22375 hunter22375 is offline
 
Join Date: Mar 2008
Posts: 153
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by Andy View Post
Which captcha are you using? The Question & Answers or the one that requires entering in a few characters?
The one that requires entering characters.
Reply With Quote
  #8  
Old 06-16-2012, 12:50 AM
Andy Andy is offline
 
Join Date: Sep 2003
Location: San Francisco
Posts: 138
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by hunter22375 View Post
The one that requires entering characters.
That's the problem. It's been cracked years ago. Here's what I suggest you do.

https://www.vbulletin.com/forum/show...-on-your-forum
Reply With Quote
  #9  
Old 06-16-2012, 03:23 AM
CAG CheechDogg's Avatar
CAG CheechDogg CAG CheechDogg is offline
 
Join Date: Feb 2012
Location: Riverside, California USA
Posts: 1,080
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by Andy View Post
That's the problem. It's been cracked years ago. Here's what I suggest you do.

https://www.vbulletin.com/forum/show...-on-your-forum
I disagree with you Andy, if that was the problem I would have it on my site as well. I only use the reCaptcha with characters and I have had no problems with it.

He has to make sure his Publick and Private Keys are valid first of all.

I don't even know where you got that it got cracked years ago, lol.

hunter22375 if you need further assistance with this contact me via pm buddy, there are other ways to stop this from happening in your forums.
Reply With Quote
  #10  
Old 06-16-2012, 10:53 AM
Andy Andy is offline
 
Join Date: Sep 2003
Location: San Francisco
Posts: 138
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by CAG CheechDogg View Post
I disagree with you Andy, if that was the problem I would have it on my site as well. I only use the reCaptcha with characters and I have had no problems with it.

He has to make sure his Publick and Private Keys are valid first of all.

I don't even know where you got that it got cracked years ago, lol.
Please type this into google.com

reCaptcha cracked site:vbulletin.com
Reply With Quote
Reply


Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT. The time now is 12:57 PM.


Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2024, vBulletin Solutions Inc.
X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.05244 seconds
  • Memory Usage 2,252KB
  • Queries Executed 11 (?)
More Information
Template Usage:
  • (1)SHOWTHREAD
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (1)ad_showthread_beforeqr
  • (1)ad_showthread_firstpost
  • (1)ad_showthread_firstpost_sig
  • (1)ad_showthread_firstpost_start
  • (5)bbcode_quote
  • (1)footer
  • (1)forumjump
  • (1)forumrules
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (1)navbar
  • (3)navbar_link
  • (120)option
  • (1)pagenav
  • (1)pagenav_curpage
  • (1)pagenav_pagelink
  • (10)post_thanks_box
  • (10)post_thanks_button
  • (1)post_thanks_javascript
  • (1)post_thanks_navbar_search
  • (10)post_thanks_postbit_info
  • (10)postbit
  • (10)postbit_onlinestatus
  • (10)postbit_wrapper
  • (1)spacer_close
  • (1)spacer_open
  • (1)tagbit_wrapper 

Phrase Groups Available:
  • global
  • inlinemod
  • postbit
  • posting
  • reputationlevel
  • showthread
Included Files:
  • ./showthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/functions_bigthree.php
  • ./includes/class_postbit.php
  • ./includes/class_bbcode.php
  • ./includes/functions_reputation.php
  • ./includes/functions_post_thanks.php 

Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • showthread_start
  • showthread_getinfo
  • forumjump
  • showthread_post_start
  • showthread_query_postids
  • showthread_query
  • bbcode_fetch_tags
  • bbcode_create
  • showthread_postbit_create
  • postbit_factory
  • postbit_display_start
  • post_thanks_function_post_thanks_off_start
  • post_thanks_function_post_thanks_off_end
  • post_thanks_function_fetch_thanks_start
  • post_thanks_function_fetch_thanks_end
  • post_thanks_function_thanked_already_start
  • post_thanks_function_thanked_already_end
  • fetch_musername
  • postbit_imicons
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • postbit_display_complete
  • post_thanks_function_can_thank_this_post_start
  • pagenav_page
  • pagenav_complete
  • tag_fetchbit_complete
  • forumrules
  • navbits
  • navbits_complete
  • showthread_complete