I use siteground.com to host my website heresay.org

I released an early version of my first ever site - based on DRUPAL (as I am no programmer and this toolset is fab for idiots like me).

Within days I received a user login (my very first) and it happened to be a Ukraine-based person who immediately started to automatically fill up my site with users and porn links.

The fact that this can happen does not surprise me - the fact that they knew that my site was a newbie as soon as it was released worries me a lot - how did they know? Is there a rat in the system? This was not just bad luck and coincidence.

I have put in security to help reduce the likelihood of this for the future - but for this to happen the way it did is not right - there is something amiss here I think.

Any thoughts?

Comments

VM’s picture

I don't really understand the insinuation here.

The site was online, thus it was public. Public sites are crawled by bots of all kinds.

nickgorrell’s picture

So you are saying that this WAS just bad luck and coincidence

And what's with the 'insinuation' talk - have I touched a nerve here? I was just asking a simple question.

VM’s picture

Touched a nerve? Not at all. Are you adding negative connotation where there need not be any? ;)

Once a site is online, it is public. They choose sites at random. Every site they come to that they need to register for, they do. The idea that the spammer had any inclination at all about your "status" as a new site administrator, and that is the reason a spammer registered for your site, is far reaching if not borderline paranoia. (It's also the insinuation I was talking about.) A little research, on your part, into how bots, search engines, spammers and domain names work may be in order.

Drupal.org is spammed almost daily. We clean it up as we find it. Some are blatantly obvious spammers. Others are more subtle but spam just the same.

nickgorrell’s picture

No worries - thanks for taking the time to answer - I am a serial conspiracy theorist so paranoia may be at work here. Better to ask the question just in case there is something that is being missed though, I think.

nateb123’s picture

But I installed Drupal several months before I actually started using it, so I can't tell you how long it took them to find it. I can tell you my logs show a lot of bot activity pretty much as soon as my website was live. They're quick lol, but seriously I don't know how they find us so fast, maybe the creators of all the anti-spam systems are scripting these bots so we have to use them... Now there's a real conspiracy.

nickgorrell’s picture

Thanks Nate123 - I thought that I was being misunderstood by that other person.

You have hit on the point that I was trying to make.

To receive attention from eScum is part of the whole web deal - to be picked up so quickly indicates to me that there is a degree of watching out for new Drupal sites - I have since set up a second site and got similarly 'attacked' from the same country too - Ukraine - as far as I can determine from the logs.

I have blocked the specific users and aim to find a way to block all traffic originating from that country/part of World as soon as I can work out how to do it.

nickgorrell’s picture

After the recent news of Drupal security issues being exploited in exactly the way that I tried to point out all those years ago, I just have to say 'I told you so'. Imagine if the post had been taken seriously back then, maybe the impact to the Drupal reputation might have been less severe.

VM’s picture

Your comment continues to show a lack of understanding for how bots work. Security is taken seriously. I don't know who you think was supposed to 'take you seriously' but the security hole would have been exploited regardless of your loosely worded findings. The only thing you could have done to protect Drupal sites would have been to find the hole and report it through proper channels.

Lastly, every popular script has had major security exploits in its history. The more popular the script, the more it's poked and prodded for security issues that can be exploited. I venture that you can take down your current site and put up a simple HTML form and it will soon be completed by a bot. If there is a field to be filled in, a bot will fill it in regardless of how or what generated the form.

VM’s picture

Bot and botnet activity when a site is public is normal. Upload any script, make the site live, and you will quickly learn this by walking through the server logs.

There is no way for a person, place or thing, to watch the entire internet specifically waiting for "drupal sites" to launch in a world which as of January 2008 had 62.4 million active domains. It's not that I misunderstood you. It's that I found the assertion absurd when you first made it and I find it equally absurd today.

http://www.circleid.com/posts/how_many_bots_how_many_botnets/ may help shed some light on things. Not sure if the total amount of bots and botnets on the internet are available or will ever truly be known. A Google search may uncover that data if it's available.
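
Added example, not part of the original thread or written by any poster: one way to "walk through the server logs" for automated sign-ups is to count POSTs to Drupal's `user/register` path per client and flag bursts. It assumes Apache "combined" log format; the sample lines are constructed, and the function names and thresholds are illustrative choices.

```python
import re
from collections import defaultdict
from datetime import datetime

# Constructed sample lines (documentation IP ranges, not real traffic).
SAMPLE_LOG = """\
198.51.100.7 - - [03/Mar/2008:10:00:01 +0000] "GET / HTTP/1.1" 200 5120 "-" "Mozilla/5.0 (compatible; ExampleCrawler/1.0)"
203.0.113.9 - - [03/Mar/2008:10:02:10 +0000] "GET /user/register HTTP/1.1" 200 3010 "-" "Mozilla/4.0"
203.0.113.9 - - [03/Mar/2008:10:02:11 +0000] "POST /user/register HTTP/1.1" 302 0 "-" "Mozilla/4.0"
203.0.113.9 - - [03/Mar/2008:10:02:13 +0000] "POST /?q=user/register HTTP/1.1" 302 0 "-" "Mozilla/4.0"
203.0.113.9 - - [03/Mar/2008:10:02:15 +0000] "POST /user/register HTTP/1.1" 200 3010 "-" "Mozilla/4.0"
192.0.2.44 - - [03/Mar/2008:11:30:00 +0000] "GET /user/register HTTP/1.1" 200 3010 "http://example.org/" "Mozilla/5.0 (Windows; U)"
192.0.2.44 - - [03/Mar/2008:11:31:40 +0000] "POST /user/register HTTP/1.1" 302 0 "http://example.org/user/register" "Mozilla/5.0 (Windows; U)"
"""

LINE = re.compile(
    r'(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) \S+ '
    r'"[^"]*" "(?P<ua>[^"]*)"'
)
# Drupal registration form, with clean URLs or the ?q= form.
REGISTER = re.compile(r'^/(\?q=)?user/register(?:[/?&]|$)')

def registration_posts(log_text):
    """Map client IP -> list of timestamps of POSTs to the registration form."""
    by_ip = defaultdict(list)
    for line in log_text.splitlines():
        m = LINE.match(line)
        if m and m["method"] == "POST" and REGISTER.match(m["path"]):
            by_ip[m["ip"]].append(
                datetime.strptime(m["ts"], "%d/%b/%Y:%H:%M:%S %z"))
    return by_ip

def flag_bursts(log_text, max_posts=2, window_seconds=60):
    """Return {ip: peak} for clients exceeding max_posts sign-up POSTs
    inside any sliding window of window_seconds."""
    flagged = {}
    for ip, times in registration_posts(log_text).items():
        times.sort()
        start = peak = 0
        for end in range(len(times)):
            while (times[end] - times[start]).total_seconds() > window_seconds:
                start += 1
            peak = max(peak, end - start + 1)
        if peak > max_posts:
            flagged[ip] = peak
    return flagged

if __name__ == "__main__":
    print(flag_bursts(SAMPLE_LOG))
```

A client that submits the form once after a normal page view is not flagged; only the repeated, seconds-apart submissions are.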

ludo1960’s picture

.answer!