Help with Blog Spam Content added by non registered users ?

Hi,

I have a dev site here http://www.cloud-webdesign.co.uk/ and even though I have turned off users from registering, I am getting SPAM blogs being posted by numberous users. There are only TWO accounts / official users, and there are two many of these fake users to delete.

How can users who have not registered SPAM blogs without accounts ?

Any help appreciated.... btw I have also activated HYPESPAM and various other anti spam techniques, but none seem to stop this activity... do I have some other vunerabilities I have left open ?

Help appreciated.

  • maybe you need to change your account/server passwords to ensure your admin account is not being used to manually create new accounts.

  • Will try that... currently it says I have 989 Users, however when I look at new users I only see my  two accounts listed. I also seem to have 45000 blogs... no easy way to delete it all I guess either... :(

  • I saw that you just updated to 1.8.19 from 1.8.9. Did these users register before or after that? There were a number of security fixes between 1.8.9 and 1.8.19 that might have been exploited.

    Other things to check--Do you have 3rd party plugins that modify the registration behavior? Are they up to date? Do you know if they're secure?

    If this happened on stock 1.8.19, it's a big problem, and I'd like to work with you to see if we can figure out why.

  • They registered before I upgrade, just updated now to see if it would help. There are 898 users and I need a way to delete them all and their content... any ideas...

    Will see if any new user get added from now on, the issue I have now is to combat users who keep coming on and posting spam, seen 5 Today already and have had to BAN/Delete. Was on version 1.8.9 previously...   help appreciated with a BULK delete if there is such a thing... thx

     

  • I suppose you could write a simple elgg batch tot delete all users and all objects they are owner of, if you could find something they have all in common, you just have to be sure that non spam users don't get removed as well. 

  • Its a dev site with only me with 2 user accounts, the rest are SPAM accounts... Unfortunatley my skills are very limited so no way I could write an ELGG script... will just keep an eye on it and manually remove users for now... I have enabled a SPAM Plugin (SPAM THROTTLE) which can auto delete users when posting a number of blogs, for example... so I have set to 1, so anyone posting will be deleted... interestingly enough my LIVE site doesn;t have the same issue, so might be I have adequate SPAM protection and had not fully enabled them on my dev site... thx

  • @Andy1966uk As Dries said you can delete all users but leave an admin account only with this action:

    $options = array( 'type' => 'user', );

    $users = new ElggBatch('elgg_get_entities', $options);

    foreach ($users as $user) {

     $user->delete();

              } 

     

    Also, look at these plugins:

    http://community.elgg.org/plugins/553265/1.8.3%20free/westors-elgg-manager

    https://github.com/brettp/Bulk-User-Admin

  • Found this Plugin "hypeApprove for Elgg 1.8" but thanks...

  • If you only have 2 actual users, it might be easiest to wipe the database and just reinstall from scratch.

  • @Brett: how's the Bulk-User-Admin plugin for Elgg 1.8? Is it fully functional? If yes, it could be used to delete the many unwanted accounts at least faster than deleting them one by one.

    @Andy:

    You could try the following script (slightly expanded the code of RvR). You would have to set the guids of the two users that you don't want to get deleted. All the others will get removed.

    <?php

    require 'engine/start.php';

    // do not delete the following users with guid
    $user1_guid = 123;
    $user2_guid = 123;

    $options = array('type' => 'user');

    $users = new ElggBatch('elgg_get_entities', $options);

    foreach ($users as $user) {
        if (($user->guid !=$user1_guid) && ($user->guid !=$user2_guid)) {
            $user->delete();
        }
    }