 |
 | Anyone else noticing an increase in SpamBot and Hackers |  |
|
whitesites
|
|
I have finally taken drastic measures to solve this issue. I am outright blocking IPs. ( over 6000 ) now. If you check your server logs and notice alot of viewstate failed on your login pages this is hackers and spambots. This normally isn't a problem but some of these bots are trying to crawl my site way too fast ( 30 pages / second ), causing a performance hit on the server, and inflated numbers on smarterstats. Read more about how I am fixing this here
http://blog.whitesites.com/Stop-Hackers-and-Spam-Bots-in-IIS__633400064793789455_blog.htm How about all us developers who host with HMS start our own database of hacker / spam IPs so we can protect our sites from this trash. |
|||||||||||
|
|||||||||||||
 |
| |
|
rmathus
|
|
You might want to take a look at Project HoneyPot: projecthoneypot.org
All you need to do is embed some code in the site and then it will track IP addresses against their database. Here is an overview of their services: http://www.projecthoneypot.org/services_overview.php Might be worth a shot checking out. It sounds like you'd be looking for more of their HTTP Blacklist service. |
|||||||||||
|
|||||||||||||
|
| |
|
whitesites
|
|
Yes actually I wrote an http module just for their blacklist service. Huge difference! I used to get 30 viewstate failed logs a day in my event viewer, now its down to only 3 or 4. If anyone else wants the code for my http module for asp.net visit my blog. Nothing like drag and drop security added to your asp.net website
http://blog.whitesites.com/asp.net-http-module-for-project-honey-pot-http-IP-blacklist__633426018146370531_blog.htm |
|||||||||||
|
|||||||||||||
|
| CODE TO ELIMINATE BAD CHARACTER ON INPUT DATA | |
|
nopork
|
|
I HAVE A FUNCTION IF ANYONE IS INTERESTED, IT VALIDATES ALL INPUT DATA. WRITTEN IN ASP.
|
|||||||||||
|
|||||||||||||
|
| |
|
whitesites
|
|
Unfortunately a function that checks data is almost pointless in ASP.NET. Bad Sessions States would stop the spambots from posting anything. Most comment spam is run by a spambot that is simlply finding pages with submit forms, then attempting to post data to this page. But since they are a Bot and not a real browser they are not able to maintain a Session State meaning their data will never get posted anyway. ( the Result of any such Stateless post would be an Invalid Sessions State ) Comments doesn't get posted, but you get an error entry in your Application logs. ( which is annoying ). I fear the day in which a spambot is powerful enough to maintain sessionstate.
Just to update my previous post. Because of the high amount of false positives I have expeirence with Project Honey Pot. I am now only using stopforumspam.com's System Thus far it has proven to be 100% false positive free. |
|||||||||||
|
|||||||||||||
|
| Re: CODE TO ELIMINATE BAD CHARACTER ON INPUT DATA | |
|
eriweb
|
|
Hi Nopork,
Can I get your asp function? Thanks.
|
|||||||||||||
|
|||||||||||||||
|
 | Anyone else noticing an increase in SpamBot and Hackers | |
|
||
|
|
|