| Author |
 Topic  |
|
barrynet
Starting Member
36 Posts |
 Posted - 20 January 2009 : 00:06:13
|
quote:
Originally posted by ruirib
Barry,
You need to check your web server logs, to find out how they got in there. Seeing the M_DATE would allow you to know the precise time of their registration, so it's easy to use server logs to find out what's happening.
ruirib and Shaggy
I got the logs but I can not even begin to read whats in there, its just line after line of data. What am I looking for??
cheers
Barry
< |
 |
|
|
Carefree
Advanced Member
Philippines
4212 Posts |
Posted - 20 January 2009 : 01:04:51
|
| If you're still up, post a link to your "topic.asp" in .txt format and I'll try and solve it for you.< |
|
|
|
Shaggy
Support Moderator
Ireland
6780 Posts |
Posted - 20 January 2009 : 04:28:33
|
If you want to zip up a couple relevant to the dates of "registration" and e-mail them to one or both of us with the values in the M_DATE field of a couple of the members, we can have a look for you.
One other thing nobody else seems to have mentioned is that you may have been hacked through an unpatched exploit in your forums and someone may have assigned themselves admin privelges which would allow them to approve pending members. You should check that you don't have any extra admins.
And the reason you see a different members list when you're logged in as administrator is that normal users won't see deleted members.
< |
 Search is your friend
“I was having a mildly paranoid day, mostly due to the
fact that the mad priest lady from over the river had
taken to nailing weasels to my front door again.” |
|
|
|
barrynet
Starting Member
36 Posts |
Posted - 20 January 2009 : 09:33:44
|
I have to go and get some blood work done and see a Doctor today,
will provide the logs and code later tonight.
Again thanks for your assistance and patience with me
cheers
Barry
Ottawa, Canada< |
|
|
|
barrynet
Starting Member
36 Posts |
|
|
Carefree
Advanced Member
Philippines
4212 Posts |
Posted - 20 January 2009 : 20:30:06
|
| I must have had one of those "senior moments" myself. I don't need your "topic.asp" file, I need the "register.asp" in .txt format. Sorry.< |
|
|
|
barrynet
Starting Member
36 Posts |
Posted - 20 January 2009 : 21:03:47
|
quote:
Originally posted by Carefree
I must have had one of those "senior moments" myself. I don't need your "topic.asp" file, I need the "register.asp" in .txt format. Sorry.
Now you have had 2
Its in the post above. I thought you wanted the topic one as well so I included both
< |
Edited by - barrynet on 20 January 2009 21:05:47 |
|
|
|
Carefree
Advanced Member
Philippines
4212 Posts |
Posted - 20 January 2009 : 22:58:17
|
| OK - no more blonde/senior moments. This works:< |
|
|
|
Shaggy
Support Moderator
Ireland
6780 Posts |
Posted - 21 January 2009 : 04:30:32
|
quote:
Originally posted by barrynet
Shaggy and Rui I sent the link to my log files via your Email.
Sorry, Barry, can you resend it? I accidentally junked it 
< |
Search is your friend
“I was having a mildly paranoid day, mostly due to the
fact that the mad priest lady from over the river had
taken to nailing weasels to my front door again.” |
|
|
|
barrynet
Starting Member
36 Posts |
Posted - 21 January 2009 : 16:59:09
|
quote:
Originally posted by Shaggy
quote:
Originally posted by barrynet
Shaggy and Rui I sent the link to my log files via your Email.
Sorry, Barry, can you resend it? I accidentally junked it
Done
thanks
Barry< |
|
|
|
barrynet
Starting Member
36 Posts |
Posted - 21 January 2009 : 20:26:56
|
quote:
Originally posted by Carefree
OK - no more blonde/senior moments. This works:
Hooray that works great, thanks Carefree.
It may be a bit rude to just dump them back to the logon page without an explanation. I am really going to stretch my welcome here  and ask two things
1. Could the send to default.asp be changed to something named badnames.asp in which there would be an explanation and the option of returning to the registration page page. That might not work without a timer that would fall through to default.asp if the option is not chosen by a robot.
Might be easier for me to just add a warning "First and Last name must be different" under the "you need to have a valid e-mail address." on the registeration page.
2. Would it be hard to provide the code now that you know what works to check the country(s). It would be a separate if statement in front of the name check one you provided. I do not care if they are informed of the problem. 
Thanks very much, can't say it enough.
Now I need to wait and see what happens.
cheers
Barry
< |
Edited by - barrynet on 21 January 2009 20:27:51 |
|
|
|
Carefree
Advanced Member
Philippines
4212 Posts |
Posted - 21 January 2009 : 21:36:11
|
You realize that if you tell the spammers why you are rejecting their bot scripts, they'll simply modify the scripts and spam you again?
That said, here's the routine included for the country.< |
|
|
|
barrynet
Starting Member
36 Posts |
Posted - 21 January 2009 : 23:05:23
|
Oh so its not just a case some some dumb code wandering around, someone actually looks.
In that case it makes no sense to tell them. Hope they do not monitor this forum.
cheers
Barry< |
|
|
|
Shaggy
Support Moderator
Ireland
6780 Posts |
Posted - 22 January 2009 : 04:12:52
|
quote:
Originally posted by barrynet
quote:
Originally posted by Shaggy
Sorry, Barry, can you resend it? I accidentally junked it
Done
thanks
Barry
Got it Can you post a few values from the M_DATE field for a few suspect accounts so we can pinpoint exactly where in the logs we should be looking?
< |
Search is your friend
“I was having a mildly paranoid day, mostly due to the
fact that the mad priest lady from over the river had
taken to nailing weasels to my front door again.” |
Edited by - Shaggy on 22 January 2009 04:13:10 |
|
|
|
barrynet
Starting Member
36 Posts |
|
|
Topic |
|
Topic Locked
