Skip to:
Content
Pages
Categories
Search
Top
Bottom

Unwanted Anonymous Posts?


  • citizenkeith
    Participant

    @citizenkeith

    I maintain a website that has an install of bbPress 1.0.2. There haven’t really been any posts in about a year (just one or two updates from moderators).

    Today I viewed the forum to see hundreds of Anonymous spam posts.

    This confuses me, since I don’t have an Anonymous Posting plugin installed or enabled. Which makes me think somebody may have found a back door. I would like to close that door, but I have no idea where to start.

    Thoughts?

Viewing 14 replies - 1 through 14 (of 14 total)

  • John James Jacoby
    Keymaster

    @johnjamesjacoby

    Ask your webhost to provide you with access logs of your site, and see where those _POST requests came from. You can also try updating to 1.0.3 which is tagged in the repository but not available for download via .zip quite yet.

    http://trac.bbpress.org/browser/tags/1.0.3/


    John James Jacoby
    Keymaster

    @johnjamesjacoby

    Ask your webhost to provide you with access logs of your site, and see where those _POST requests came from. You can also try updating to 1.0.3 which is tagged in the repository but not available for download via .zip quite yet.

    http://trac.bbpress.org/browser/tags/1.0.3/


    Ashfame
    Participant

    @ashfame

    o_0

    Yes, this is important to figure out. If there is a backdoor, world is again at risk. Lol, I have a weird mood right now :D


    Ashfame
    Participant

    @ashfame

    o_0

    Yes, this is important to figure out. If there is a backdoor, world is again at risk. Lol, I have a weird mood right now :D


    3leggedcat
    Member

    @3leggedcat

    CK

    did you get any answers?

    Same thing is happening with a forum I have.

    There has to be a back door in, and it hasn’t been plugged yet


    3leggedcat
    Member

    @3leggedcat

    CK

    did you get any answers?

    Same thing is happening with a forum I have.

    There has to be a back door in, and it hasn’t been plugged yet


    Ben L.
    Member

    @nightgunner5

    If you deleted spam accounts, their posts will be marked as anonymous.


    Ben L.
    Member

    @nightgunner5

    If you deleted spam accounts, their posts will be marked as anonymous.


    citizenkeith
    Participant

    @citizenkeith

    @3leggedcat I’ve been out of town, and haven’t had a chance to look into it yet. As I stated in my original post, there hasn’t been activity on that forum in a year, so for now I just took it offline. I’ll be looking into it when I get home.

    @Ben L. These posts were made long after I have deleted an account. With a deleted account, they wouldn’t be able to log in a year later and post spam.


    citizenkeith
    Participant

    @citizenkeith

    @3leggedcat I’ve been out of town, and haven’t had a chance to look into it yet. As I stated in my original post, there hasn’t been activity on that forum in a year, so for now I just took it offline. I’ll be looking into it when I get home.

    @Ben L. These posts were made long after I have deleted an account. With a deleted account, they wouldn’t be able to log in a year later and post spam.


    3leggedcat
    Member

    @3leggedcat

    Ben

    we deleted the accounts

    but these posts came in after I deleted them


    3leggedcat
    Member

    @3leggedcat

    Ben

    we deleted the accounts

    but these posts came in after I deleted them


    citizenkeith
    Participant

    @citizenkeith

    I checked my access logs for that day, and couldn’t find anything out of the ordinary. Lots of registrations from the non-anonymous spammers, and lots of wp-cron.php for that domain. The forum is integrated with WP.

    If anybody would like to have a look at the logs, let me know and I can send them your way. I’m not 100% sure what to look for.


    citizenkeith
    Participant

    @citizenkeith

    I checked my access logs for that day, and couldn’t find anything out of the ordinary. Lots of registrations from the non-anonymous spammers, and lots of wp-cron.php for that domain. The forum is integrated with WP.

    If anybody would like to have a look at the logs, let me know and I can send them your way. I’m not 100% sure what to look for.

Viewing 14 replies - 1 through 14 (of 14 total)

You must be logged in to reply to this topic.