Full Version: MovableType 2.661 does not stop Spammers
I have been running the 2.661 code for about 36 hours and we got slammed today with over 500 spam messages from various spammers and even though we have everything clamped down real tight individual spammers where able to send over 100 spam comments in less than 2 minutes even though we have the filter set much lower than that.
I presume you mean "does not stop CrapFlooders." The spammers are much better behaved.
The reason is that the goofy throttling mechanism used in 2.661 throttles on a per-IP basis, whereas the crapflooders use hundreds of anonymous proxy servers to send their stuff.
You can find a discussion and my solution here.
The reason is that the goofy throttling mechanism used in 2.661 throttles on a per-IP basis, whereas the crapflooders use hundreds of anonymous proxy servers to send their stuff.
You can find a discussion and my solution here.
I should have added that MT-Blacklist is incompatible with 2.661's new throttling mechanism.
Jay Allen's plugin usurps the post method from lib/MT/App/Comments.pm. Unfortunately, that's where Ben Trott's throttling code is.
So, if you're using MT-Blacklist, you have no throttling at all (even ineffective throttling). Presumably, that will get fixed when Jay updates his plugin.
And then Ben will update his throttling code.
And then ...
Jay Allen's plugin usurps the post method from lib/MT/App/Comments.pm. Unfortunately, that's where Ben Trott's throttling code is.
So, if you're using MT-Blacklist, you have no throttling at all (even ineffective throttling). Presumably, that will get fixed when Jay updates his plugin.
And then Ben will update his throttling code.
And then ...
Jay Allen just released a fixed version of MT-Blacklist
... which has in it the same ineffective throttling code as MT 2.661.
...and more.
Someone got a copy of an already patched Comments.pm? I apply distler's patch and I just get errors. 
Does this mean we still can't use 2.661, jay's, and distlers code at the same time, or can we now do it?
I have the Blacklist and 2.661 upgrades done, but it doesn't stop the comment or trackback crapflooding.
Is there ANYTHING that works out yet? They've got my url in the script itself, so I usually get to test out any fixes you guys release right away.
I have the Blacklist and 2.661 upgrades done, but it doesn't stop the comment or trackback crapflooding.
Is there ANYTHING that works out yet? They've got my url in the script itself, so I usually get to test out any fixes you guys release right away.
If all else fails you can always add my patches by hand to Jay's MTBlPost.pm and MTBlPing.pm files. Here, for instance, is my patch for trackback throttling
The lines with the "+" in front of them are lines you are supposed to add (lines with "-" in front of them are lines you are supposed to delete). The patch file give the approximate location of each change (at least in lib/MT/App/Tracback.pm, the change is around line 157; maybe different in Jay's file) and three lines of context around the modifications.
Patch files are designed to be processed automatically by the commandline program, patch. But if that doesn't work for you, they are human-readable.
CODE
--- lib/MT/App/Trackback.pm.orig Thu Jan 15 17:41:46 2004
+++ lib/MT/App/Trackback.pm Mon Jan 19 11:11:16 2004
@@ -157,6 +157,38 @@
$app->translate("You are not allowed to send TrackBack pings."));
}
}
+## Do some simple throttling
+ my @ts = MT::Util::offset_time_list(time - 3599, $tb->blog_id);
+ my $from = sprintf("%04d%02d%02d%02d%02d%02d",
+ $ts[5]+1900, $ts[4]+1, @ts[3,2,1,0]);
+
+ my $count = MT::TBPing->count({ created_on => [$from] },
+ { range => {created_on => 1}});
+ my $maxpings = 20;
+ if ($count >= $maxpings)
+ {
+ $app->log("Throttled comment. Limit of $maxpings trackbacks in the last hour.");
+ return $app->_response(Error =>"Too many Trackbacks
+have been posted in the last hour. Someone may be crapflooding this
+blog. Or we may just have become insanely popular. Either way, please
+try your Trackback again later. Sorry.");
+ }
+ @ts = MT::Util::offset_time_list(time - 86399, $tb->blog_id);
+ $from = sprintf("%04d%02d%02d%02d%02d%02d",
+ $ts[5]+1900, $ts[4]+1, @ts[3,2,1,0]);
+
+ $count = MT::TBPing->count({ created_on => [$from] },
+ { range => {created_on => 1}});
+ $maxpings = 100;
+ if ($count >= $maxpings)
+ {
+ $app->log("Throttled comment. Limit of $maxpings Trackbacks in the last day.");
+ return $app->_response(Error => "Too many Trackbacks
+have been posted in the past 24 hours. Someone may be crapflooding this
+blog. Or we may just have become insanely popular. Either way, please
+try your Trackback again later. Sorry.");
+ }
+
## Check if user has pinged recently
#my @past = MT::TBPing->load({ tb_id => $tb_id, ip => $host_ip });
+++ lib/MT/App/Trackback.pm Mon Jan 19 11:11:16 2004
@@ -157,6 +157,38 @@
$app->translate("You are not allowed to send TrackBack pings."));
}
}
+## Do some simple throttling
+ my @ts = MT::Util::offset_time_list(time - 3599, $tb->blog_id);
+ my $from = sprintf("%04d%02d%02d%02d%02d%02d",
+ $ts[5]+1900, $ts[4]+1, @ts[3,2,1,0]);
+
+ my $count = MT::TBPing->count({ created_on => [$from] },
+ { range => {created_on => 1}});
+ my $maxpings = 20;
+ if ($count >= $maxpings)
+ {
+ $app->log("Throttled comment. Limit of $maxpings trackbacks in the last hour.");
+ return $app->_response(Error =>"Too many Trackbacks
+have been posted in the last hour. Someone may be crapflooding this
+blog. Or we may just have become insanely popular. Either way, please
+try your Trackback again later. Sorry.");
+ }
+ @ts = MT::Util::offset_time_list(time - 86399, $tb->blog_id);
+ $from = sprintf("%04d%02d%02d%02d%02d%02d",
+ $ts[5]+1900, $ts[4]+1, @ts[3,2,1,0]);
+
+ $count = MT::TBPing->count({ created_on => [$from] },
+ { range => {created_on => 1}});
+ $maxpings = 100;
+ if ($count >= $maxpings)
+ {
+ $app->log("Throttled comment. Limit of $maxpings Trackbacks in the last day.");
+ return $app->_response(Error => "Too many Trackbacks
+have been posted in the past 24 hours. Someone may be crapflooding this
+blog. Or we may just have become insanely popular. Either way, please
+try your Trackback again later. Sorry.");
+ }
+
## Check if user has pinged recently
#my @past = MT::TBPing->load({ tb_id => $tb_id, ip => $host_ip });
The lines with the "+" in front of them are lines you are supposed to add (lines with "-" in front of them are lines you are supposed to delete). The patch file give the approximate location of each change (at least in lib/MT/App/Tracback.pm, the change is around line 157; maybe different in Jay's file) and three lines of context around the modifications.
Patch files are designed to be processed automatically by the commandline program, patch. But if that doesn't work for you, they are human-readable.
Sorry for being such a moron, but let me try to make this clear for myself:
I take the code from your patch, and make the changes noted in the MTB|Post.pm and the MTB|Ping.pm files, them I'm done?
The next quote I don't understand at all. Again, I'm sorry for being so far behind the rest of the class.
I take the code from your patch, and make the changes noted in the MTB|Post.pm and the MTB|Ping.pm files, them I'm done?
The next quote I don't understand at all. Again, I'm sorry for being so far behind the rest of the class.
QUOTE
The patch file give the approximate location of each change (at least in lib/MT/App/Tracback.pm, the change is around line 157; maybe different in Jay's file) and three lines of context around the modifications.
Patch files are designed to be processed automatically by the commandline program, patch. But if that doesn't work for you, they are human-readable.
Patch files are designed to be processed automatically by the commandline program, patch. But if that doesn't work for you, they are human-readable.
QUOTE
I take the code from your patch, and make the changes noted in the MTB|Post.pm and the MTB|Ping.pm files, them I'm done?
Correct.
QUOTE
The next quote I don't understand at all. Again, I'm sorry for being so far behind the rest of the class.
I was trying to explain how to read a patch file. The three ingredients are:
1) Approximately where in (which) file you are supposed to make the changes.
2) What lines you are supposed to delete.
3) What lines you are supposed to add.
Ahhh, perfect. Thanks, I'll try it now, then.
Thank you for your patience.
Thank you for your patience.
Martlet, don't worry... the instructions on his site and this forum just aren't very clear. No offense intended, but some people are great programmers, not tech writers.
I understood from his site what to add and what to remove, but on his site he said to do this on Comments.pm. It didn't matter what I did, adding the code to Comments.pm would return errors.
Here he says to add the code to MTBlPing.pm AND MTBlPost.pm. However, no such code that resembles around where you are supposed to begin:
$app->translate("You are not allowed to send TrackBack pings."))
exists in MTBlPost.pm.
So I applied the code to JUST MTBlPing.pm and that seems to have worked. If you are still stuck, PM me and I will send you my MTBlPing.pm file.
I understood from his site what to add and what to remove, but on his site he said to do this on Comments.pm. It didn't matter what I did, adding the code to Comments.pm would return errors.
Here he says to add the code to MTBlPing.pm AND MTBlPost.pm. However, no such code that resembles around where you are supposed to begin:
$app->translate("You are not allowed to send TrackBack pings."))
exists in MTBlPost.pm.
So I applied the code to JUST MTBlPing.pm and that seems to have worked. If you are still stuck, PM me and I will send you my MTBlPing.pm file.
Is there a good way to test this? I can confirm it prevents me from re-posting, but I'm on the same IP. I tried getting 1 guy on IRC to post the same time as me, and he could. He has a different IP, but we could have posted long enough apart (within the same minute) to allow it through?
How can I ensure its working...
How can I ensure its working...
Jadey:
I'm sorry if I've confused you. On my site, I have two separate patches. One, for lib/MT/App/Comments.pm which should be applied to MTBlPost.pm and one for lib/MT/App/Trackback.pm, which should be applied to MTBlPing.pm.
The former addresses comment flooding. The latter addresses trackback flooding.
And yes, they work. I've seen them in action on my site (courtesy of our crapflooding friends).
I'm sorry if I've confused you. On my site, I have two separate patches. One, for lib/MT/App/Comments.pm which should be applied to MTBlPost.pm and one for lib/MT/App/Trackback.pm, which should be applied to MTBlPing.pm.
The former addresses comment flooding. The latter addresses trackback flooding.
And yes, they work. I've seen them in action on my site (courtesy of our crapflooding friends).
Thanks very much for the clarification
Once I install the patch to MTBlPost.pm, I get this error:
The error comes when I submit my comment (which doesn't get posted)
CODE
An error occurred:
syntax error at extlib/jayallen/MTBlPost.pm line 292, near "]1900"
syntax error at extlib/jayallen/MTBlPost.pm line 305, near "]1900"
Missing right curly or square bracket at extlib/jayallen/MTBlPost.pm line 457, at end of line
syntax error at extlib/jayallen/MTBlPost.pm line 457, at EOF
Compilation failed in require at plugins/Blacklist.pl line 114.
MT::App::Comments=HASH(0x810adec) Number found where operator expected at extlib/jayallen/MTBlPost.pm line 292, near "]1900"
MT::App::Comments=HASH(0x810adec) (Missing operator before 1900?)
MT::App::Comments=HASH(0x810adec) Number found where operator expected at extlib/jayallen/MTBlPost.pm line 292, near "]1"
MT::App::Comments=HASH(0x810adec) (Missing operator before 1?)
MT::App::Comments=HASH(0x810adec) Number found where operator expected at extlib/jayallen/MTBlPost.pm line 305, near "]1900"
MT::App::Comments=HASH(0x810adec) (Missing operator before 1900?)
MT::App::Comments=HASH(0x810adec) Number found where operator expected at extlib/jayallen/MTBlPost.pm line 305, near "]1"
MT::App::Comments=HASH(0x810adec) (Missing operator before 1?)
syntax error at extlib/jayallen/MTBlPost.pm line 292, near "]1900"
syntax error at extlib/jayallen/MTBlPost.pm line 305, near "]1900"
Missing right curly or square bracket at extlib/jayallen/MTBlPost.pm line 457, at end of line
syntax error at extlib/jayallen/MTBlPost.pm line 457, at EOF
Compilation failed in require at plugins/Blacklist.pl line 114.
MT::App::Comments=HASH(0x810adec) Number found where operator expected at extlib/jayallen/MTBlPost.pm line 292, near "]1900"
MT::App::Comments=HASH(0x810adec) (Missing operator before 1900?)
MT::App::Comments=HASH(0x810adec) Number found where operator expected at extlib/jayallen/MTBlPost.pm line 292, near "]1"
MT::App::Comments=HASH(0x810adec) (Missing operator before 1?)
MT::App::Comments=HASH(0x810adec) Number found where operator expected at extlib/jayallen/MTBlPost.pm line 305, near "]1900"
MT::App::Comments=HASH(0x810adec) (Missing operator before 1900?)
MT::App::Comments=HASH(0x810adec) Number found where operator expected at extlib/jayallen/MTBlPost.pm line 305, near "]1"
MT::App::Comments=HASH(0x810adec) (Missing operator before 1?)
The error comes when I submit my comment (which doesn't get posted)
I'm guessing that you removed all + signs, which would be bad, since the code actually contains them.
Notice the error? ]1900 and ]1?
Looks like this minus the plus signs: $ts[5]+1900, $ts[4]+1
In any case, all you have to do if you get errors is look in the file that is named at the specified line or do a search for the string that is given... Easy enough to fix...
This, by the way, is why patches suck for anyone other than techies...
Notice the error? ]1900 and ]1
?Looks like this minus the plus signs: $ts[5]+1900, $ts[4]+1
In any case, all you have to do if you get errors is look in the file that is named at the specified line or do a search for the string that is given... Easy enough to fix...
This, by the way, is why patches suck for anyone other than techies...
Ah, that was it! I did a simple find/replace. Works now, thanks much!
This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.