Thread

We’re seeing an enormous increase in member signup spam in the last week or so on a few sites.  The vast majority of this is coming from 222.186.24.XXX

Max Lazar posted something about this too: http://twitter.com/#!/Max_Lazar/statuses/107591484244623360

Our issue - trying to add an IP to the Blacklist/Whitelist module doesn’t work.  EE.com’s blacklists also don’t contain 222.186.24.

Obviously 163.com et al are common in China (basically Chinese Hotmail equivalent) so probably wouldn’t be appropriate for the EE.com blacklist, but we think the 222.186.24. could be added.

That doesn’t solve the issue of not being able to update our own blacklists, though!  Any advice on that one?

When you say you can’t update the blacklist, what happens exactly when you try to?

Also what version of ExpressionEngine are you currently running?

Best wishes,

Mark

Hi Mark

Not getting any error messages, but anything added to the blacklist textareas just disappears when the screen reloads on updates.

This one’s on 2.1.3. - I guess we might have to update if there’s not a fix already, although we were trying to avoid updating for a while.

EDIT: Serves me right for working on 3 EE sites at once - this one’s actually on 2.2.1, but I’ll update to 2.2.2. and check things out again.

When you say anything added to the textarea disappears do you already have a long list of IP addresses in the textarea and you are trying to add more perhaps?

What I assume is the standard EE.com blacklist is in there, but this is the first time I’ve tried to add any new ones.  Our client might have done in the past though.  But yes, I’m trying to add more to the existing list.  Seems like a strange one.

I believe that what you’re probably seeing here is the same as I mentioned on this forum post here for 1.x.

If ExpressionEngine 2.x is storing them in the same way which I believe it is then it could be getting truncated due to the limitation of the TEXT type database field.

Aha, that makes sense - thanks Mark!  I was wondering why you were so knowledgeable on such a strange little bug 😉

I’ll post a link into that thread too, and we’ll see what the dev team have to say, since it seems like the same issue.

Aha, that makes sense - thanks Mark!  I was wondering why you were so knowledgeable on such a strange little bug 😉

I’ll post a link into that thread too, and we’ll see what the dev team have to say, since it seems like the same issue.

Someone should hopefully answer to this post though as the other one is for 1.x however as the two problems are very directly related then I don’t see it should be a problem.

Best wishes,

Mark

Jon,

Rather than change the database fieldtype you can write your Blacklist directly to your htaccess file.
Would that help?

Is changing the DB fieldtype the official solution at this point?  Where does that leave us in terms of future compatibility?

Our htaccess is absolutely huge, so I was hoping to avoid adding a heap of blacklist links if poss?

Hi Jon,

I’ve chased this up to the dev team to see if we can get a recommended solution for this, even if it’s just a short-term fix. Obviously the long-term fix needs to be something more scalable than storing all IPs in a single database field, but that fix would likely take longer to implement. I’m gonna see if we can get something to you that’ll work well in the short-term. Hang tight, and I’ll report back when I have some more information for you.

Thanks Kevin - sounds good to me!

Hey Jon,

You’re probably subscribed to that other thread, but in case you’re not, just wanted to let you know that I updated that thread with the solution.

Let me know if that takes care of your issues!

I was indeed.  Thanks Kevin - all set now.

All,

Just closing this out.

Cheers,