I upgraded the Trackback module to dev so I could use the akismet module in conjunction with the spam module to filter trackback spam. This was working really well and akismet reported that it filtered out over 1000 trackback spam in 3 weeks. However, at 8:33 PM on the 11th I got hit with a spam bot that somehow managed to bypass both the spam and akismet modules, and most concerning, it managed to bypass the Trackback moderation queue. I logged onto my site to find dozens of trackbacks to porn sites posted all over my site, and it seems to have hijacked my user account to authorise the trackbacks. Not sure how it did this, but I am sure I personally did not publish trackback porn on my own site. I have disabled the trackback module for now, but still have all the watchdog entries, which show the publishing IP of all the spam is 81.95.144.102 (in the Russian Federation).

Comments

Christoph C. Cemper

IMHO the problem here is AKISMET authorizing the comments as legit and thereby publishing them.
I've seen this with fairly new spam IPs, and when you submit the same crap a day later, then akismet has learnt about it already.

brashquido

Could well be. I never had this problem before.

zorac

Status: Active » Fixed

Anonymous

Status: Fixed » Closed (fixed)