14 November 2012 CI Team

 

Spam isn’t a new subject, but I didn’t know until now that even self-built applications could be infected in no time.

In my free time I run the website KnowYourStack. The website has been online for some time now, and in the meantime I haven’t had the time for upkeep and further development since I moved to another country.

Fail early – fail often

Following this slogan, I brought the page online in a fit of youthful foolishness. I had also planned to test anonymous participation. The idea: no registration, no barrier to acting on the site.

Result: Spam

It didn’t take long for the spam bots to invade the site with spam.

Since the system is based entirely on my own code, I was surprised by the enormous amount of spam (4 to 5 entries every day).

Bruteforce FTW

I’m sure that these bots aren’t configured specifically for my website, so this is what I assume:

Spam bots crawl through the internet, and as soon as they find a form they fill it in and submit it. If you haven’t integrated some security mechanism like a little math task or a captcha, you are going to be an advertising target. It was interesting to see that the more spam I had, the more I got. To be honest, I have a little respect for the little devils who developed this.

Lesson learned: Self-made apps can be a spam magnet too

Without protection like a captcha and so on, it is an easy task for spam bots.
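The "little math task" mentioned above, sketched as an added example (not code from KnowYourStack): the server signs the expected answer into a hidden form field, so nothing has to be stored per visitor. Python, the function names, the 10-minute window and the in-memory replay set are assumptions made for this illustration.

```python
import hashlib
import hmac
import secrets
import time

SECRET = secrets.token_bytes(32)   # per-deployment key; never sent to the browser
TTL_SECONDS = 600                  # assumed lifetime of a rendered form
_used_nonces = set()               # in-memory replay guard; a shared store in production


def _sign(expires: int, nonce: str, answer: int) -> str:
    # The answer is bound into the MAC, so the token reveals nothing about it.
    msg = f"{expires}.{nonce}.{answer}".encode()
    return hmac.new(SECRET, msg, hashlib.sha256).hexdigest()


def issue_challenge(now=None):
    """Return (question, token); the token goes into a hidden form field."""
    now = int(time.time() if now is None else now)
    a, b = secrets.randbelow(9) + 1, secrets.randbelow(9) + 1
    expires, nonce = now + TTL_SECONDS, secrets.token_hex(8)
    return f"What is {a} + {b}?", f"{expires}.{nonce}.{_sign(expires, nonce, a + b)}"


def verify_submission(token, answer, now=None) -> bool:
    """Accept a post only if the answer is right and the token is fresh and unused."""
    now = int(time.time() if now is None else now)
    try:
        expires_s, nonce, mac = token.split(".")
        expires, value = int(expires_s), int(answer.strip())
        mac_ok = hmac.compare_digest(
            mac.encode(), _sign(expires, nonce, value).encode())
    except (ValueError, AttributeError):
        return False               # malformed token or non-numeric answer
    if now > expires or nonce in _used_nonces:
        return False               # stale form, or a token that was already used
    if not mac_ok:
        return False               # wrong answer or tampered token
    _used_nonces.add(nonce)        # each solved challenge is good for one post only
    return True
```

A wrong guess does not burn the token, and the answer space is small, so this only stops generic form-filling bots; pair it with rate limiting and moderation.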

Lesson learned: Anonymous only with moderation

Anonymous entries have their value, but it is necessary to have some kind of moderation.

Lesson learned: Integrate some mini administration functions

I didn’t think about this subject at all. At the beginning I had to remove the first spam entries via RavenDB Management Studio. It’s possible but laborious. My advice for you: it’s useful to integrate some administration functions from the beginning; even a non-anonymous user could share some improper content.

P.S.: I’ve pulled the emergency brake. KnowYourStack Reimagined ;)
