On Fri, 2007-03-09 at 09:24 -0500, markw@xxxxxxxxxxxxxx wrote: > Just FYI: > > I have a couple web sites and I kept getting this bozo submitting comments > with just a bunch of links to porn sites. For a while I didn't notice, but > then Google threatened to drop my blog-bits (adsense) account. > > So, I looked at my logs, and the TCP/IP address is 195.225.176.66 and a > quick firewall rule took care of if. > > If you have a web site that accepts input from users, look for a message > the is titled "why not cms," and from a user with some random name at > jwpcworld.com. He seems to be targeting drupal sites. I wouldn't focus just on "why not cms". This stuff has been on the rise for the past few months. I've watched the number of distinct IPs hitting some of my sites steadily increase. You'll need something like Captcha to eliminate it properly. These things are site bots that crawl the net looking for sites with post forms (probably with some kind of basic checking for fields named "comments" etc.) Cheers, Rob. -- .------------------------------------------------------------. | InterJinn Application Framework - http://www.interjinn.com | :------------------------------------------------------------: | An application and templating framework for PHP. Boasting | | a powerful, scalable system for accessing system services | | such as forms, properties, sessions, and caches. InterJinn | | also provides an extremely flexible architecture for | | creating re-usable components quickly and easily. | `------------------------------------------------------------' -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
