Over last couple of weeks the great abusers (Turkish spammers a.k.a sohbet) are not only submitting spam links (and waste 80% of traffic - up to 1 million hits a day) but they learned how to hijack user accounts as well. Which is not cool at all.
I'm turning the top sites offline till first week of a new year as I'm concerned about site integrity and most of all member's privacy.
Please follow the news in this blog. And I hope Drupal Top Sites will be shining again soon allowing to showcase our lovely Drupal at it's best.
And if you have some ideas how the reorganize the Drupal Top Sites please DO leave a comment to this.
Happy Holidays!
What I mean by that is... how did they hijack accounts, and did that security problem get fixed? I ask because we all use Drupal here, and if you got hit, we could all get hit.
I had problems previously where I allowed for unmoderated and unregistered commenting... boy was that a mistake. 30k bogus spam messages later, I almost canned my site.
Now that I'm back on track, I require registration to leave comments, but now you're saying that the registration can be hijacked... so how?
I appreciate any feedback, really.
http://danno.appliedi.net/drupal/
http://danno.appliedi.net/drupal/
No worries. It was not Drupal powered. And that was another issue.
But for spam comments on Drupal: spam.module makes miracles slashing bad guys even with allowed anonymous commenting.
drupalsites.net is good exapmle itself of spam.module great work (along with capcha).
drupalsites.net editor
Try the akismet module, it's being officially maintained by eaton on drupal.org
Your textual "captcha" is too easy to crack.
If you install textimage and integrate it with captcha, it will be MUCH stronger protections and turkish hackers will have to entertain themselves with something else
I've used this and seems to work well in my opinion.
I think Akismet is being offer to may of the CMS systems these days. Must work!
... Is that it just catches and marks stuff as spam - it doesn't "nip it in the bud". Captcha DOES tend to nip it. My site got thousands of spam a day and simply enabling Captcha has reduced this to 1 spam in 1 month. Nice module!
I've always used the spam module and never knew that it was making a difference until I checked the SPAM folder in gmail and saw skillions of flagged post alerts. Google saw the message body and also tagged them as spam so I never got them in my inbox. it really does work well.
Funny Guy
I agree this has helped tremendously and keeps the "bots" out!
Chris
I totally agree with the nip it in the bud sentiments.
Praise the Lord for Captcha
Well, now it is May and the site says it will be back online in March. It obviously looks like a permanent problem.
It looks to me as though the best option might be to re-load the material on another platform -- one more secure against user account hijacking -- preferably including SSL for secure logins.
Guys, I'm very sorry about the delay with it. There are currently 2 alternative versions of new top sites module (Drupal based) in alfa testing. Hope to make public beta late May or early June.
Client module (to install at your site) will be available for Drupal 5.x, 4.7.x. for sure. But I'm not sure if it still makes sense to port it to 4.6.x branch as well.
drupalsites.net editor
"Temporarily closed! The site will be back online in January 2007."
Is there an update to the status of http://top.drupalsites.net ?
Thanks for reminder... but the developer for a new top sites module is disappeared at some 75% of job done. Feel terribly bad not to be a good programmer myself. But I'm looking for a new developer who could finish the job asap.
And really sorry for this delay guys/girls. top.drupalsites.net page is "updated" accordingly.
drupalsites.net editor
Any news of Top Drupal Sites?
All spammer must be killed...
Yes, Im from İstanbul and im a Turk but i hate these kind of spammers.
Try mollum, Dries's new anti-spam company.
Turkish spammers? Most of the brute force attacks on my servers are from China, Korea, or Russia. Never had a Turkish attack on a system before. Good luck with your work on fixing this. I know how much work it can be fortifying systems against spammers and hackers.
Sorry I don't understand.
Why is there not a simple static page with all the sites
up until the spamming started ?
Best
G
I don't think a static page will make any sense. Especially taking into account that ratings was closed quite a long time ago and this kind of statistics is changing quite rapidly.
But I hope it will be back now powered by Drupal till the end of the year.
drupalsites.net editor
It's never good to receive spam comments. I have trouble myself to keep my blog clean of these swines. Strangely enough, they never stop, even though the spam folders do a pretty good job.
I always wondered why they keep going? Would anybody here know this? Thanks
Andy
I have been using askimet too, and it is great for this kind of spam! Sometimes it does give some false positives but overall its great!
Looks like the spammers are busy! Askimet is great for that! Good luck!