Login

Recent Tweets

Follow Me on Twitter

Powered by Twitter Tools

Juicy Bites

Looking for Something?

Google

Site On Partial Lock-Down…

BangBox

 

In the last few weeks the Chile Underground has been found by the masses. Masses of hackers, I mean…

One strategy that’s used to gain malicious access is for somebody’s zombienet to generate throwaway email addresses, then attempt to register on blog sites with those addresses. I’m not entirely sure what happens after that, although the Internet’s chock-full of scary stories about what could happen next. I’d rather not resort to Captcha strategies, and I thought I had plenty of protection up to catch softbots trying to do anything on my site.

Silly me. Seems the softbots are ahead on points, this round. My registered users list is a few dozens, then suddenly BOOM! I get 140,000+ requests. Not bloody likely.

Until I have a fix that I like in place, I’ve disabled auto-registration, and dumped the unregistered users that showed up recently. (In case you’re wondering, it took an automated cleaner over 3 hours to do this, shutting down the site during that time. I HATE down time.) If you were honestly attempting to become a registered user of the site and you got tossed in this sweep, I apologize. At present, though, the only way I’ll take new users is if they send me an email: Chile Doctor at chile underground. (You DO know how to unmung that address, yes?) Real name, a non-disposable email address, and a sporty note (to cheer me up) and I’ll get you into the database manually and send you back a password. I doubt I’ll be inundated this way; we’ll see.

Oh, what’s a disposable email? Things like Yahoo, Hotmail, almost anything ending in .ru, guerrillamail,and more. (I’ve got the list, trust me.) I will accept GMail, and if I think what you’ve supplied is suspect I’ll drop you a line back and see where we can go from there. Think it through, though: I’ll likely be conservative, given the huge number of recent dodgy attempts to gain access. I take security seriously, even though I don’t collect information. My content, and your visitor experience as a consequence, is important to me…

The (Spam Signups) Heat is ON!

Share

Comments are closed.