SPAM on my (Administrator's) Blog

I have  strayed away from working on my site but just checked it today and see what seems like over 4000 spam blog posts.

I noticed that bots had registered over 100 user ids, and I deleted these via phpMyadmin. Not a problem.

When I went to delete the posts I could not tell which is the right field in the database for the blog posts. And, this is getting extremely tedious and tiring deleting posts one at a time.

Is there still not a way to BULK delete this data? This seems like a badly needed tool, especially for neglectful newbies like myself. I would say it would take me many hours to clean the spam.

Someone mentioned deleted the administrator's account, so as to therefore also delete the posts? Is this viable? Can I still get access to the site, get back in and still have a site?

ALSO, is there a page with the basic protocol for securing my site so that my password is not stolen or compromised? I do not understand how someone is writing blog spam in my account.

Here is a sample page of the spam so you can see that the user ( LaundryBee ) is me, but the SPAM is definitely not mine.

Also, please notice that when you click on my user id ( Laundry Bee ) there is no blog posts for me, even will my user is associated with all of the SPAM posts.

Its 3 am and I have to turn in.

Thanks.

C

 

 

 

 

  • there are some gits called instantsocialanarchy who have an automated spam posting tool that targets elgg installations . There is another problem if they have your admin password.

  • perhaps you can track the IP and block it.. though the success of that will be dependent on how the bot software works.

  • Don't manually delete the user GUIDs in the DB.  This will cause all sorts of problems.  When you delete a user in Elgg, it recurses through and deletes all data associated with that user.  Elgg can't do this if you change the database manually.

    If someone has your admin password you should create a new password right away.

    Deleting the user who owns the blog posts will delete all the posts.  Because your database is corrupted now, I wouldn't trust that the admin is the real owner of the posts.  You'll need to dig into the database to find the entities that match the GUIDs of the blog posts and check the owner GUID.  If the owner GUID is the administrator, someone probably has your admin password.  If the owner GUID  is a user that you deleted from the DB, you will need to manually delete all the blog posts via Elgg.

    Again, don't delete users manually.  It corrupts the database.

  • Brett,

    You mean manually at the database level? So we can be confident deleting in the admin deletes all data from a user? That's a big step forward and you can confirm this working many 1.7 sites? Great work!

  • I delete spam users regularly, always in the admin. Their posts are deleted too.