Re: How does PunBB do against spam attacks

That's OK, I'm glad we figured out what was going on smile

27

Re: How does PunBB do against spam attacks

zap wrote:

Funny you should mention this just now, I found out that was indeed the case late friday night. The web site was tested on another domain before being deployed and apparently it was not correctly removed: access to the site itself was denied but a direct link to the forum still worked. That would explain why the spam seemed to just drop into the DB and there were no traces of anything in the server logs.

It's worthwhile remembering, (if you have any more problems), to check your own security, setup and coding before laying blame on someone elses. smile

28

Re: How does PunBB do against spam attacks

It's probably still a goood idea though IMHO to drop in some sort of PunBB anti-spam solution - even a simple one like the one here - http://www.punres.org/viewtopic.php?id=3439 - may still be useful.

29

Re: How does PunBB do against spam attacks

MattF wrote:

It's worthwhile remembering, (if you have any more problems), to check your own security, setup and coding before laying blame on someone elses. smile

I did ;-) In fact, I spent almost two days checking out various things. The thing is, the other copy was on another domain which is otherwise inactive and has separate logs. Not exactly the kind of place you think of checking out. I wish I had had access to some kind of DB log.

But I know what you mean... I often waste lots of time investigating crazy theories (eg. your software only works while I'm not sitting on my chair) only to find out a user messed up something basic (eg. I forgot to mention I'm using linux-fedora-pre-alpha-bleeding-edge on a mac laptop). It seems that's just the way it is with software development. smile

MattF wrote:

It's probably still a goood idea though IMHO to drop in some sort of PunBB anti-spam solution - even a simple one like the one here - http://www.punres.org/viewtopic.php?id=3439 - may still be useful.

Given the mad stuff I implemented to work around this problem, I'm pretty sure we'll be spam-free for a long time. But I'll know where to look if it ever becomes a problem again.