ssahin

About me: Assistant Professor of Physics

Send private message

You must be logged in to send a private message.

Friends

No friends yet.

Group membership

Activity

  • ssahin added a new discussion topic Spam sending script in the group Elgg Technical Support
    Hi, I have a website on arvixe, and they suspended me two times because of the following: ''We've identified that a script /home/.../public_html/engine/handlers/action_handler.php (on hosting account websiteowner -...
    • @Brett Besides plugins, there are other methods that are being implemented to avoid this situation.

      Also, if you have any demo elgg site, make sure that registration is disabled. Sometimes you forget about those demo sites and then you have a spammer problem. (Which was part of the problem)

      Rodolfo Hernandez

      Arvixe/Elgg Community Liaison

    • @Brett Besides plugins, there are other methods that are being implemented to avoid this situation.

      Yes, I assumed so. The same still applies. Secrecy won't solve this problem. It's similar to security through obscurity; it's a response by inexperienced developers and it just doesn't work in the long run.

    • @Brett I just try to answer while keeping any details about the customer details private. I hope that we can share what we did this week, so everybody can benefit from it.

      Also, I shared an effective solution against spammers. One of the most effective ways, for my elgg network, against spammers was to remove (via plugin/theme) the registration page and create a registration form via ajax/jquery. It has been working extremely well.

      http://community.elgg.org/discussion/view/1570790/fake-users-registration-attack?annoff=50

  • ssahin joined the group Elgg Technical Support