Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.


Forums2degrees (including Slingshot, Orcon, Flip, Stuff Fibre, MyRepublic, 2talk and Vocus)My review of Flip
View this topic in a long page with up to 500 replies per page Create new topic
1 | 2 | 3 | 4
ageorge

626 posts

Ultimate Geek
+1 received by user: 53


  #1648021 9-Oct-2016 15:06
Send private message

Well I am the web dev. Ive established that the spam attack does not use wordpress mail client, and I assume thats why there is no detail in my wordpress cp interface, but it does seem to stop if I rename the wordpress directory. What they are using to springboard the spam I dont know, but in reply to your later comment my opinion of Flip degraded when they showed zero interest in the spam situation. Its only since coming here and finding you helpful folks that any progress has been made.



noroad
1025 posts

Uber Geek
+1 received by user: 675

Trusted

  #1648027 9-Oct-2016 15:14
Send private message

ageorge:

 

Well I am the web dev. Ive established that the spam attack does not use wordpress mail client, and I assume thats why there is no detail in my wordpress cp interface, but it does seem to stop if I rename the wordpress directory. What they are using to springboard the spam I dont know, but in reply to your later comment my opinion of Flip degraded when they showed zero interest in the spam situation. Its only since coming here and finding you helpful folks that any progress has been made.

 

 

 

 

Well, I designed and built most of Flip, so Zero Interest is not quite the attention you are receiving eh....

ageorge

626 posts

Ultimate Geek
+1 received by user: 53


  #1648028 9-Oct-2016 15:14
Send private message

There is a setting in host CP which is called MX Entry which seems to allow re-route traffic from one domain to another.

 

If I can get that to work then I may have a chance of getting the header info.



ageorge

626 posts

Ultimate Geek
+1 received by user: 53


  #1648030 9-Oct-2016 15:15
Send private message

noroad:

 

 

 

Well, I designed and built most of Flip, so Zero Interest is not quite the attention you are receiving eh....

 

 

Not now, thanks!

ageorge

626 posts

Ultimate Geek
+1 received by user: 53


  #1648031 9-Oct-2016 15:19
Send private message

Very odd that I can rename the directory and the spam stops, name it back and it starts again. Perhaps spam source have dropped a wee script somewhere in the Wordpress installation thats doing the relay work.

freitasm
BDFL - Memuneh
80658 posts

Uber Geek
+1 received by user: 41072

Administrator
ID Verified
Trusted
Geekzone
Lifetime subscriber

  #1648039 9-Oct-2016 15:39
Send private message

I am thinking this story makes no sense. The fact you have a Flip account and access your sites from that account, plus this incoming email flood makes me think it could even be y I urge machine sending this out.





Referral links: Quic Broadband (free setup code: R587125ERQ6VE) | Samsung | AliExpress | Wise | Sharesies 

 

Support Geekzone by subscribing (browse ads-free), or making a one-off or recurring donation through PressPatron.

 

 
 
 
 

Want to support Geekzone and browse the site without the ads? Subscribe to Geekzone now (monthly, annual and lifetime options).
ageorge

626 posts

Ultimate Geek
+1 received by user: 53


  #1648043 9-Oct-2016 15:47
Send private message

freitasm: I am thinking this story makes no sense. The fact you have a Flip account and access your sites from that account, plus this incoming email flood makes me think it could even be y I urge machine sending this out.

 

Greetings sorry 'y I urge' does not make sense to me typo??

 

If you were saying it could come from here then thats not possible as Ive shut everything down at this local and while it was shut down the spam kept rolling in.

freitasm
BDFL - Memuneh
80658 posts

Uber Geek
+1 received by user: 41072

Administrator
ID Verified
Trusted
Geekzone
Lifetime subscriber

  #1648046 9-Oct-2016 15:49
Send private message

Sorry, yes typing on phone.

I think the problem is not with Flip and we do not have enough information to actually come up with a diagnose.




Referral links: Quic Broadband (free setup code: R587125ERQ6VE) | Samsung | AliExpress | Wise | Sharesies 

 

Support Geekzone by subscribing (browse ads-free), or making a one-off or recurring donation through PressPatron.

 

ageorge

626 posts

Ultimate Geek
+1 received by user: 53


  #1648047 9-Oct-2016 15:49
Send private message

I had another idea to use apache spam assassin and set it so the blacklist originator email address contained 'thehomenz.com' that way I was expecting it to route the spam to a spam folder but this hasnt happened - groan!

ageorge

626 posts

Ultimate Geek
+1 received by user: 53


  #1648054 9-Oct-2016 15:52
Send private message

Yes I think that Flip has responded belatedly well and is now showing some concern so full marks.

 

However, please leave the topic open just in case someone can give me some tips on how to actually get a header from the traffic thats passing through my site then I can let Flips gentleman know the details. After all we have established the attack is coming from Flip, so they will need to chop it off at the source when they have enough info from me.

noroad
1025 posts

Uber Geek
+1 received by user: 675

Trusted

  #1648063 9-Oct-2016 16:21
Send private message

ageorge:

 

Yes I think that Flip has responded belatedly well and is now showing some concern so full marks.

 

However, please leave the topic open just in case someone can give me some tips on how to actually get a header from the traffic thats passing through my site then I can let Flips gentleman know the details. After all we have established the attack is coming from Flip, so they will need to chop it off at the source when they have enough info from me.

 

 

 

 

Send me the IP of your server, at least I can look for that in the Flip logs.

 
 
 
 

Shop now on AliExpress (affiliate link).
yitz
2239 posts

Uber Geek
+1 received by user: 594


  #1648064 9-Oct-2016 16:22
Send private message

I'm so confused....can you explain what exactly are the first two entries in your screenshot?

 

 

 

 

The following error events seem to show someone has hijacked your web form script to send mail to hotmail.fr and yahoo.fr addresses.

yitz
2239 posts

Uber Geek
+1 received by user: 594


  #1648065 9-Oct-2016 16:23
Send private message

noroad:

Send me the IP of your server, at least I can look for that in the Flip logs.

 

Seems to be server76 dot mainpacket dot com resolves to 104.128.226.6

noroad
1025 posts

Uber Geek
+1 received by user: 675

Trusted

  #1648068 9-Oct-2016 16:27
Send private message

ageorge:

 

I had another idea to use apache spam assassin and set it so the blacklist originator email address contained 'thehomenz.com' that way I was expecting it to route the spam to a spam folder but this hasnt happened - groan!

 

 

 

 

ok, do you have a linux machine at home named webid.co.nz ?

ageorge

626 posts

Ultimate Geek
+1 received by user: 53


  #1648071 9-Oct-2016 16:31
Send private message

noroad:

 

ageorge:

 

I had another idea to use apache spam assassin and set it so the blacklist originator email address contained 'thehomenz.com' that way I was expecting it to route the spam to a spam folder but this hasnt happened - groan!

 

 

 

 

ok, do you have a linux machine at home named webid.co.nz ?

 

 

can I ring you for security reasons? or would you like to leave it till tomorrow I can live with renaming my host directory for overnight.

1 | 2 | 3 | 4
View this topic in a long page with up to 500 replies per page Create new topic








Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.


Updates »

Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.








RSS feeds
Main feed
Forums feed
Copyright
©2002-2026 Geekzone®
Site features
Geekzone BI dashboard
Geekzone Badges
Geekzone Status Page

 

Site Information
Subscribe to Geekzone
Privacy Statement
Forum Usage Guidelines (FUG)
Advertising
Trademark and copyright