New Forum: Spammed within Minutes

So, I've installed a new forum under a new Cpanel user on my VPS. Now, I've installed both MyBB and a vBulletin 3.8 license, and both are getting FLOODED with spam bots within minutes of the new installation.

Anyone have advice? Right now I have 50 active guest, I've turned the board off to save myself for now..

 

Spam - O - Matic for vBulletin is great. You can find it on the .org.

No suggestions for myBB but I'm sure there's something similar.

 

I agree on preventing it. My question is, how did they find it so fast? And why are they still finding it? It basically crashed my server for a few minutes because of so much traffic to that account.

 

I was running a SMF before with this domain name and I stayed away for a week, and it went to hell with spam. So I wiped it, and now anything I put on that domain (forum wise) is getting killed. So I think it's more tied to the domain than anything else now that I think about it.

 

Just setup some basic questions on registration, that will eliminate so many. Spam 0 matic should work great as well.

 

Like the other suggested with spam o matic. You need to take some spam prevention methods with your forum. You are probably hosted on a shared hosting and they found you that way.

 

Damn that sounds horrible, for mybb there are quite a few plugins to block all them spammers, just check the mybb plugin list. I saw quite a few people suggest Spam o matic, I myself have never used it but I would give it a go, I did some research and it has good reviews.

 

I'm using my own VPS.

Also, I just find it funny a brand new forum get's taken out that fast. Oh well, if I decide to continue and try that again I'll take some preventative methods before I open it to the public.

 

I personally use Akismet for forum spam. It's supported on many CMS scripts.
This is a huge problem theses days. I created a brand new domain name with a Wordpress install, and bam, 24 hours later I have 100 spam comments about "ralph lauren tshirts" in my damn approval box.

 

I'm not surprised a new forum would get hit that fast. If your users can find you, then spammers can too, and what is more likely to be undefended, a new site or an existing forum that has had to shoulder attacks in the past?

 

Many questions and many issues to be considered here.

1. Do you run VPS on your local machine or did you buy it from some company?
2. What OS is being run on your VPS - Linux or Win?
3. What kind of secuirity meassures do you have active on your VPS? Is it simple, GUI-based firewall, or is it advanced, policy-driven, tool (like iptables, access-list(s))?
4. Are you keeping your software up-to-date? Do you have auto-update enabled?
5. Did you register with some kind of mailing list where you have to provide your email?
6. Do you have robots.txt file? whtats in there?
7. What bandwich do you have (up/down)? Do you have any BRS in force? This may be useful here.

 

Questions & Answers is the best (and easier way) for anti-robots registrations. But try to make it a bit professional. eg instead of "Which is the 5th month of year?" I'm asking "Which is the 21-16 month of the year?". But try to have at least 20 questions. Have seen sites having just 1 question. This is like having nothing.

 

1. I'm running a box from ServInt right now.
2. Linux / CentOS
3. Whatever ServInt offers..
4. The OS is out of date, I know that. For the vB install, it was a 3.8X series as that is all my license covers.. the MyBB was the latest.
5. I sure hope not, that domain is new..
6. The Default Robots.txt
7. I don't know.

 

I had a SMF setup with this domain name, I never really made it active. It did get hit once and I just deleted it because I didn't have the time to get this one going. So I tried again with a different software (more for just testing really)..

 

@BoostN

1. OK.
2 & 3. In this case, log in to console as root, and issue

Code:

yum list

command. Check for iptables or similar. If not in system, issue

Code:

yumdownloader iptables

. With little help, it should block off most trolls,
4. How this is possible? do you have availability of updating it on your vps? Or do you mean that company does not offer new release?
6. Is robots.txt writeable on your side? Copy&paste all content which 'sits' in robots.txt please.
7. You bought vps from company and do not know the bandwich (how many you can upload/download)?