Message Board

Newbie/Basic Questions

Older Posts ]   [ Newer Posts ]
 got 5 comment spams after installing honeypot, why?
Author: J.K7   (3 Jul 08 6:42am)
I just installed a honeypot on my website 2 days ago, and installation went very smooth.
Under my Stats at Home page, I have Spam traps issued: 10, Sites protected: 1 , the rest are all 0s, which means I do not get any spam yet right? But I do receive 5 comment spams today. Why is that?
 
 Re: got 5 comment spams after installing honeypot, why?
Author: J.K7   (3 Jul 08 5:29pm)
I got 50 comment spams now, it's getting worse.... the stats on my honey pot still shows 0 spam, why? HOw can I stop the spam???
 
 Re: got 5 comment spams after installing honeypot, why?
Author: J.K7   (16 Jul 08 3:58am)
It's not working for me, got tons of comment spams every day.
 
 Re: got 5 comment spams after installing honeypot, why?
Author: A.Bolchis   (7 Nov 08 5:15pm)
I am new to Honeypot and I feel the same way, proir to joining Honeypot had a few spam to deal with now I am getting hit several times a day on all the sites I have protected by Comment Spammers. I wonder what the connection is.
 
 Re: got 5 comment spams after installing honeypot, why?
Author: B.Timm   (28 Dec 08 5:39am)
I have the same problem. IMMEDIATELY after installing the Honeypot, I started getting hit with tens of comments spam on my wordpress blog - still running aat maybe 50 a day from the same spammer. My Honeypot dashboard shows ZERO comment spams.

Thank God for Akismet marking these comments as Spam!

I also have a question about the blocking functionaility of http:BL plug-in, which does not seem to be working, but that's in a different thread on this board.

Can anyone help us with the increased spam questions?
 
 Re: got 5 comment spams after installing honeypot, why?
Author: B.Timm   (30 Dec 08 11:14pm)
Does anyone monitor or answer these questions on a regular basis?

I've had over 500 SPAM comments from the SAME IP since implementing HoneyPot and http:BL, and none of these spam comments are listed on my Honeypot dashboard, and the IP is not blocked.

Is there a more comprehensive guide or docs describing HOW to configure wordpress and/or the http:BL plugin to better block this stuff?

Thanks
 
 Re: got 5 comment spams after installing honeypot, why?
Author: G.Kem   (6 Jan 09 4:16pm)
I am new to this game myself.

I do not have the full honeypot installed, however, I do use the quicklinks.

I run a forum only site and do not have any false registrations or spam due to anti-bot / spam modifications.

I have quicklinks in the footer, header and hidden within my copyright logo.

My understanding of the honeypot is to be more attractive to spam bots etc and lure them in. If they aren't visiting the 'pot' i guess they will not register even if they're posting spam on your main site.

Do you not have to link to it in someway from your site (might be an ignorant suggestion, sorry).

Good luck.
 
 Re: got 5 comment spams after installing honeypot, why?
Author: A.E4   (31 Mar 09 3:28am)
"My understanding of the honeypot is to be more attractive to spam bots etc and lure them in. If they aren't visiting the 'pot' i guess they will not register even if they're posting spam on your main site."

How do we make our forums or blogs (these wordpress people) safe for us and yet our honeypots sweeter for the bots? I thought just adding the honeypot was enough .. :(
 
 Re: got 5 comment spams after installing honeypot, why?
Author: A.E4   (27 Apr 09 1:45am)
Still wondering about this. I have had to set my forums so that bots have a hard time visiting but I was still hoping to contribute to eliminating spam over all .. not just for my own site ..
 
 Re: got 5 comment spams after installing honeypot, why?
Author: M.Prince   (27 Apr 09 8:18am)
Honey Pots catch bad bots and contribute data to the Project community. If you want to protect your site you need to use one of the implementations of http:BL. There are several different implementations, including many for WordPress and other blogs. Click the Services tab and the HTTP Blacklist submenu for more information, or search these forums for more information.
 
 Re: got 5 comment spams after installing honeypot, why?
Author: A.Ashari   (17 May 09 8:24am)
yeah if youre a wordpress user, try to use bad behaviour plugin. it will check ay malicious attempt to our blog. Or, t make it better, try also wp cache. this plugin has option to integrated itselft into bad behaviour. Make your security better
 
 Re: got 5 comment spams after installing honeypot, why?
Author: S.A8   (10 Jun 09 4:46am)
I got the same, i started 4 kind of forums and wiki's at the same time.
Always liked the idea of having a honeypot of my own, didn't know abou this project yet at the time.

PHPBB was taken over within days, so i put out links to SMF and 2 different WIKI's.
Even had set all the security at it lowest, posting for guests enabled, guests can modify make sticky ect. all what mods and half admins could do could do the spammers.
Anyway, phpbb got over 350k posts within some months, over 100k users even they didn't need to register to post.

But SMF never got 1 posts.. visits enough tho. Wiki's are still clean.

Some weeks back i put out a honeypot that replaced my phpbb forum, weird thing is that i got more comment and other kinds of spammers on my phpbb forum stats than projecthoneypot stats say.

And 2 days after installing the honeypot from here, i got 2 posts on my SMF forum, aa week later it went through the roof. Everyday over 1000 posts, and now it seems it even doubles every week. one week it was around 6000 posts, following week 7599.

And the funny thing is.. i'm fairly certain it is a different spammer than the one from my PHPBB pot.. Well. the posts are of a totally different kind.

How is this possible i ask you..
 
 Re: got 5 comment spams after installing honeypot, why?
Author: M.Ilnyckyj   (13 Jun 09 6:53pm)
"I've had over 500 SPAM comments from the SAME IP since implementing HoneyPot and http:BL, and none of these spam comments are listed on my Honeypot dashboard, and the IP is not blocked."

If you are getting hassled by a specific IP, just ban it through .htaccess

Adding these lines to your .htaccess file will keep them off your server entirely:

# Block spammer IP
order allow,deny
deny from 83.233.30.32
allow from all

Obviously, replace '83.233.30.32' with the IP giving you trouble.
 
 Re: got 5 comment spams after installing honeypot, why?
Author: A.E4   (25 Nov 10 9:54pm)
The question seems to be .. is the honeypot actually doing its job?
 
 Re: got 5 comment spams after installing honeypot, why?
Author: A.Degives Mas   (8 Feb 11 3:55am)
The honeypot does its job alright.

So do the spammers, trawling for sites that have certain scripts running on them. Why? Because, statistics in hand, they venture among those installed there have to be a considerable number of ill-installed / ill-deployed ones that actually create a LARGE hole through which to deliver spam by the gazillions.

Don't worry about being clobbered with connections that come hat in hand requesting permission to publish st00pid spam. Worry about the integrity and sanity of your security setup; worry about your site being nailed properly shut where it must.

In the case of WordPress, I would rather not think about the number of sites out there that are run by less than stellar minds, who seemingly believe that a full-on caching system is somehow compatible with attitude- and signature-oriented anti-miscreant plugins (e.g. Bad Behavior) and similar scripts. It is most decidedly not, in fact it opens the door wide open to the baddies, and it is a good illustration of the problem with people willy-nilly plucking plugins off the WP site and cramming it into their WP install.

So, do yourself a favor, and if you use WP Super Cache set it to "legacy" mode (not even PHP) and allow Bad Behavior (and similar plugins) do its job.

Also, don't use one method. Use four. Or five. Use one from the trio of Akismet, TypePad AntiSpam and Defensio. Use something like WP HashCash. Use something like Bad Behavior. Use a tighter htaccess regime, e.g. by using BulletProof Security (it's quite harmless in that it only deals with htaccess, not your WP install scripts). And use something wholly outside the WP box, like ZB Block (it's very easy to set up in WP, just one snippet in two core files, drop a "WP compatibility file" in and you're done.) Yet another option is CloudFlare, I can warmly recommend that, too. And finally, apply SSL certs to pages where people access your site via a login, forcing login sessions through encrypted tunnels (and if you really can't afford SSL, use alternatives like Semisecure Login Reimagined together with login attempt limiters to thwart brute force attacks). There is a lot you can do. Do it. But do it right. And if you don't know how, get someone who can, and learn from that person so you can do it yourself (and know what you're doing)

They came hammering on my door, too.

So I'm steamrolling them just as fast back into three different blacklists. And I make no bones about kicking out people on dumb ISPs because I'd rather have three complaining incompetents than my site taken over by baddies just because I relented to placate the incompetents. Nuts to AOL, to iffy obscure ISPs, to countries who don't care, and to proxies. Go build your own internet I tell the whiners.

Never relent on security. Be paranoid, be very paranoid. And have a wicked sense of humor. That helps too.

But don't panic just because you see that your increased security is getting increased attention in return from the bad guys. It's a good sign. Like fighting back the mob and street gangs, that's a signal to roll up your sleeves and clean up the neighborhood; the darkest moment of the night comes just before daybreak.

Never relent. Never.

Post Edited (8 Feb 11 4:08am)
 
 Re: got 5 comment spams after installing honeypot, why?
Author: A.Degives Mas   (10 Feb 11 12:36am)
And if doubt catches you in a weak moment, consider this: you don't do it just for your own peace of mind, or that of your visitors (although arguably more so for that of the people paying for it) do it also and above all for your unknown neighbors on the Net. Those who are spared the garbage that otherwise would flow from your server(s) without you even knowing it.

Above all, do it for the few people who, after being slapped with a message saying access is denied and something else to the effect of "access denied - clean your malware infested computer first and then please come back again" suddenly wake up, and indeed clean up their computer's mess. And for the scores of people who are the victims, on the receiving end of the multiplied garbage. Few things are as rewarding as getting a thank-you note from an unsuspected malware host, who decided to get rid of the infestation.

That's a smile that lights the whole Internet. It's right up there with getting an email from Project Honey Pot saying that yet another formerly unknown miscreant IP was unmasked and nabbed in the act, thanks to your donated domain.



do not follow this link

Privacy Policy | Terms of Use | About Project Honey Pot | FAQ | CloudFlare Site Protection | Contact Us

Copyright © 2004–14, Unspam Technologies, Inc. All rights reserved.

contact | wiki | email