Topic: Spammers bypassing register.php altogether

Hi folks,

Is there any (legit) way to add a user to the forum without using register.php? My forum has been sustaining a number of spambot attacks the last few days, so I temporarily disabled register.php with a simple die() statement at the top.

This morning, there were three more spammer accounts registered! I'm running 1.2.16, and it looks like they're inserting users right into the DB with an SQL injection attack somewhere. Is this a known weakness, or is there something else I'm not seeing? Is there an easy way to have Pun spew logs somewhere so I can observe it a little more closely and find out exactly what's going on?

Has anyone else seen anything like this?

Re: Spammers bypassing register.php altogether

You wouldn't happen to have a test forum or an old forum or such that uses the same tables, would you?

Re: Spammers bypassing register.php altogether

I have got exactly the same problem and am looking into it. Any advice would be appreciated.

Re: Spammers bypassing register.php altogether

Ninety percent of the time when this has cropped up in the past, it's been down to a second instance of PunBB running which had lax restrictions, which they were literally using as a backdoor to the main forum.

Only other way to find out is to check your webserver logs and see what it says there.

Re: Spammers bypassing register.php altogether

Ninety percent of the time when this has cropped up in the past, it's been down to a second instance of PunBB running which had lax restrictions, which they were literally using as a backdoor to the main forum.

Gah. Now I feel like a dumbass. There was a backup directory sitting right there with 1.2.12 in it.

I'll see if that cleans it up. Thanks!
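The webserver log check suggested in the thread, as an added example that is not part of any post: it counts registration POSTs per script path so that a forgotten second copy of the forum stands out. The log lines, the /forum/ and /forum_backup/ paths, and the combined log format are constructed assumptions, not data from the thread.

```python
import re
from collections import Counter

# Constructed sample lines in "combined" access-log format (not from the thread).
# /forum/ is the assumed live install, /forum_backup/ an assumed leftover copy.
SAMPLE_LOG = """\
192.0.2.10 - - [12/Mar/2008:06:14:02 +0000] "GET /forum/index.php HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
198.51.100.7 - - [12/Mar/2008:06:14:09 +0000] "POST /forum/register.php?action=register HTTP/1.1" 200 48 "-" "Mozilla/4.0"
198.51.100.7 - - [12/Mar/2008:06:14:11 +0000] "POST /forum_backup/register.php?action=register HTTP/1.1" 302 0 "-" "Mozilla/4.0"
203.0.113.5 - - [12/Mar/2008:06:20:40 +0000] "POST /forum_backup/register.php?action=register HTTP/1.1" 302 0 "-" "Mozilla/4.0"
192.0.2.10 - - [12/Mar/2008:06:21:00 +0000] "POST /forum/login.php?action=in HTTP/1.1" 302 0 "-" "Mozilla/5.0"
"""

# client, two ignored fields, [timestamp], "METHOD target protocol", status
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) '
)


def registration_posts(log_text):
    """Yield (ip, path, status) for every POST to a script named register.php."""
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m or m["method"] != "POST":
            continue
        path = m["target"].split("?", 1)[0]  # drop the query string
        if path.lower().rsplit("/", 1)[-1] == "register.php":
            yield m["ip"], path, int(m["status"])


def unexpected_endpoints(log_text, main_path):
    """Count registration POSTs per path, leaving out the known main script."""
    hits = Counter(path for _, path, _ in registration_posts(log_text))
    hits.pop(main_path, None)
    return dict(hits)


if __name__ == "__main__":
    found = unexpected_endpoints(SAMPLE_LOG, "/forum/register.php")
    for path, count in found.items():
        print(f"{count} registration POST(s) via unexpected copy: {path}")
```

Any path it reports is a second registration script reachable from the web; if that copy shares the live forum's database tables, accounts created through it appear on the main forum even with the main register.php disabled.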