1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Stop Forum Spam - Attack

Discussion in 'Off Topic' started by Adam Howard, Aug 22, 2012.

  1. Adam Howard

    Adam Howard Well-Known Member

    Many people here use StopForumSpam.com

    Seems as though the spammers are fighting back

    Screenshot from 2012-08-22 15:33:13.png
  2. Digital Doctor

    Digital Doctor Well-Known Member

    An error was encountered

    Error: Unable to fetch daily top ip_addr.
  3. Walter

    Walter Well-Known Member

    If the addons can't connect to SFS....
    Hope the best.
  4. Adam Howard

    Adam Howard Well-Known Member

    Nothing is connecting to Stop Forum Spam right now.... The other two are still working though, but I admit their database isn't as big as SFS
  5. Walter

    Walter Well-Known Member

    And Fspamlist limits the queries to 5000 per day - not enough for big sites.
  6. Walter

    Walter Well-Known Member

  7. Adam Howard

    Adam Howard Well-Known Member

    Anyone with a VPS or Dedicate Server could use this

    Command: crontab -e

    0 12 * * * /home/spam.sh >/dev/null 2>&1

    echo “”
    echo -n “Deleting DROP list from existing firewall…”
    #This will delete all dropped ips from firewall
    ipdel=$(cat $FILE  egrep -v ‘^;’ awk ‘{ print $1})
    ipblock in $ipdel
    $IPT -D spamhaus-droplist -s $ipblock -j DROP
    -D droplist -s $ipblock -j LOG –log-prefix “DROP Spamhaus List”
    echo -n “Applying DROP list to existing firewall…”
    #This will drop all ips from spamhaus list.
    [ -f $FILE ] && /bin/rm -f $FILE || :
    cd /tmp
    wget $URL
    =$(cat $FILE  egrep -v ‘^;’ awk ‘{ print $1})
    $IPT -N spamhaus-droplist
    for ipblock in $blocks
    $IPT -A droplist -s $ipblock -j LOG –log-prefix “DROP Spamhaus List”
    -A droplist -s $ipblock -j DROP
    -I INPUT -j droplist
    -I OUTPUT -j droplist
    -I FORWARD -j droplist
    echo “…Done”
    Now if I could figure out how to change this into an add-on for XenForo .... That would be cool. I've been playing with it, but I seem to have hit a wall.
  8. AlexT

    AlexT Well-Known Member

    Adam Howard likes this.
  9. pedigree

    pedigree Member

    There wasn't a DoS or anything like that. PHP started to play up in that it was rejecting connections on the unix socket from the webserver. Once PHP restarted, mysql started to load way too much due to an issue with innodb is its lack of support for count(1), my mistake really. Once mysql restarted, the site was slow due to the caches being cold but once they warmed up, everything started working just fine. I've got new code coming that will remove a lot of these issues.
    Adam Howard and Walter like this.
  10. Walter

    Walter Well-Known Member

    SFS was down for 10 minutes, massive packet loss.

Share This Page