where is the guestbook?

I am having mega problems with "possible security attacks"

As it pertains to the guestbook,

HTTP_X_FORWARDED_FOR:

HTTP_CLIENT_IP:

SCRIPT_FILENAME: /home/sites/carersupport.co.uk/public_html/profile.php

QUERY_STRING: ID=guestbook.php&owner=3

REQUEST_URI: /guestbook.php?owner=3

QUERY_STRING: ID=guestbook.php&owner=3

SCRIPT_NAME: /profile.php

PHP_SELF: /profile.php

someone suggested removing or renaming the guestbook....

I cant find it!!! can someone please tell me how to go about this.

I have changed the settings as suggested by previous posts but I am still getting 3 emails every minute!!

I have installed the RC version (not RC2), and I must say up to now everthing appears OK appart from the emails?

Many Thanks

 

 

Quote · 1 Dec 2009

There isnt a guestbook.php in RC or RC2. Previous versions of Dolphin had a guestbook.php but was never utilized in the software. My guess is that hackers found an way to exploit dolphin sites using this file. If you are getting 3 emails a minute, you might want to check your logs and ban the IP Aaddress of the person doing it.

Chris

Nothing to see here
Quote · 1 Dec 2009

There is no guestbook in D7.  Did you have a D6 site at the same domain?   The guestbook in D6 was a spammers paradise.  I'd guess that some spammer thinks that you are a D6 site, and is trying to spam your guestbook.

See if you can find out anything from your access logs.

My opinions expressed on this site, in no way represent those of Boonex or Boonex employees.
Quote · 1 Dec 2009

Thanks folks for your response.

I uploaded 7RC to a new site, new database etc. Yes I had V6 on the same server, but that was hacked 6 months ago and deleted. I have had nothing on the server since then.

 

If there is no guestbook, how can they spam my site? it happened the instant the install was completed!!

 

Can you tell me where/how to access the logs so that I can check?

 

Do you think I need to make changes to the profile.php file as that is the script they appear to be trying to get to?

 

Any help?

 

Many Thanks

Quote · 1 Dec 2009

they will be in a folder behind public_html in logs  folder will be yoursitename.com

open it if you can get it and hit ctrl-f to search for "guesbook" add IP you find to your deny in admin panel administration/ip_blacklist.php

I have video tutorials to help you mrpowless.com
Quote · 1 Dec 2009

Access logs will be on your server in a directory outside of your web root.  You can access them via ftp or through cpanel.. or whatever your server management panel is.  The D6 guestbook was/is so easy to spam, there are probably thousands of spam bots roaming the internet just to spam D6 guestbooks.  You will probably not find an UNspammed D6 guestbook anywhere. 

Study your server logs, and see if you can find references to 'guestbook', then make a note of the user agent and IP address that attempted to access the nonexistent  guestbook.  The first step would be to block the IP.  You may or may not be able to block the user agent.

My opinions expressed on this site, in no way represent those of Boonex or Boonex employees.
Quote · 1 Dec 2009

 

they will be in a folder behind public_html in logs  folder will be yoursitename.com

open it if you can get it and hit ctrl-f to search for "guesbook" add IP you find to your deny in admin panel administration/ip_blacklist.php

 Hi

Found the log files - empty!! but have found the IP address for the spammer.

Have gone to the tools/ip_blacklist and input the data, but it wont submit, saying there is a problem with the date that i input! you can only input the date via a pop-up calender...Any ideas?

 

I am still getting emails every 2 miniutes or so and need to resolve this. The site appears to be working fine. Haven't uploaded RC2 yet. I dont particularly want to have to reinstall as I have just spent 2 days configuring the site how i want it.

 

Thanks in anticipation.

x

Quote · 2 Dec 2009
 
 
Below is the legacy version of the Boonex site, maintained for Dolphin.Pro 7.x support.
The new Dolphin solution is powered by UNA Community Management System.