I need a little help. I am using standard SQL and is working fine. The SQL is on same web server as the forums. I am getting spam which is being enter in directly to SQL and by passing Snitz forums. I have applied all the security patches from here.
How do you know it is not coming from the forum? what version are you using? Do you have any MODS installed? Do you have access to your web or sql logs?
There are no known vulnerabilities in the current forum code, so if you could provide some more info we may be able to help.
If you are not using 3.4.07, the fix in the link below is a fix known to correct a situation that allowed spam to apparently be posted by a normal forum member:
I don't understand why you say they are bypassing the Snitz forums. Looks like posts made by users who registered on the forum, so they are using the forum to post that.
Some possible solutions are there. I would voice my preference for two of them:
1. Configure the forums for email validation and user pre-aproval - named restrict registration, both available from the Email server configuration page of snitz.
This option will allow you to approve a member before he is able to post. It's rather easy to use registration details to see if a user is a spammer or not and delete the applications of those that are not.
2. Use a mod like Gatekeeper mod, that forces users to answer a configurable question before they are allowed to register.
With this (either or both options), you will stop these spammers registering and your problem will be sorted.
Just FYI, we approve every member application here and have hardly had any spams issue, ever.
Just to add the likely you have a few users who posted immensely. You can zap them and delete all their posts when doing that, which should be a good way to get rid of all that garbage.
Topic Locked
Posted - 21 August 2010 : 17:12:54
