Mobile app version of vmapp.org
Login or Join
Fox8124981

: How did new users come to my site and is it safe to keep them? I'm launching a website as a hobby, it is somehow a stackoverflow clone. I noticed a very weird thing that I can't understand,

@Fox8124981

Posted in: #Analytics #Users #WebHosting

I'm launching a website as a hobby, it is somehow a stackoverflow clone.

I noticed a very weird thing that I can't understand, I don't know if this is normal because I'm pretty new to the web mastering thing.

Directly after I launched the site by two hours (still has no posts) some users started registering.

What I couldn't know is how did they reach the site: I didn't tell anyone about, it didn't appear in the search engine...

These users don't do anything, they just logged in and left. (Except for one who posted a spam so I deleted it)

Some of them confirm their emails and some don't. There isn't any relation between them: From their ip addresses I know that they are from different countries such as United States, Canada, Switzerland...

I tried to message them but they didn't reply, I'm dying to know who are these guys and how did they discover this site. Why do they have interest in an empty site?

My questions:


Is it possible to know how did they reach the site (what are the possibilities)
Is it safe to keep them? What should I do?


Note: To request any further information please comment.

10.02% popularity Vote Up Vote Down


Login to follow query

More posts by @Fox8124981

2 Comments

Sorted by latest first Latest Oldest Best

 

@Cugini213

If your website is hosting a forum or a blog that allows comments to articles you've posted and you allow registrations and postings without some mechanism for verifying the registrations are coming from a human rather than an automated script, you will likely get an enormous amount of spam posted on your site, since there are many systems out there on the Internet scanning for sites to which they can post spam which can generate traffic and revenue for the spammer.

You can check the IP addresses from which registrants are connecting to your site using the Stop Forum Spam site, which maintains a database of known forum and blog spammers. The database provides their email addresses, IP addresses, usernames, spamming frequency, and, in some cases, evidence of their spam. Modules are available for some forum software, e.g., the free Simple Machines Forum (SMF) package, which will query the Stop Forum Spam database and block attempts to register from IP addresses in its database.

I got interrupted after initially setting up an unadvertised forum once, which was to be just for my wife and a few of her friends, before I installed modules to block spammers and configure it to allow only registrants my wife approved; within a short time there were dozens of registrants and spam postings.

10% popularity Vote Up Vote Down


 

@Pierce454

You just got introduced to bots :)

Looks like you are running a vanilla version of software like phpBB or WordPress etc.

What are bots?





(Source: Wikipedia)

Bots are an army of (mostly compromised) machines doing whatever their bot head asks them to do. In most cases, they just post spam messages with links. Read more about the command and control botnets at this Wikipedia page.

Is it possible to know how did they reach the site (what are the possibilities)?

Constant crawling/scanning networks, WHOIS databases and many other sources can reveal your site.

Once I hosted one of my websites on Amazon EC2. The elastic IP address that I got assigned was one of the IP addresses that pinterest.com was using before. As soon as my site was up, I got hundreds and thousands of hits from some sort of a Pinterest desktop client which (for some reasons) was using the IP address (rather than the domain name) to reach the website. This can be just one of many examples of how they are reaching out to you.

Is it safe to keep them? What should I do?

The primary aim for most of them is to post links to website, to get SEO karma on those links or they are links to malicious websites and the aim is to lure your website's users to click on it and get infected.

They do not pose a direct threat to your server's security, however posting a tonne of spam goes against a website's reputation and usefulness.

There are a plugins for WordPress/phpBB softwares (Akismet comes on top of my head) which help prevent/block spam.

Also, consider putting a CAPTCHA on your registration form. This alone will reduce 90% of the automated/bot registrations.

Finally, welcome to the Wild Wild Web (WWW)

10% popularity Vote Up Vote Down


Back to top | Use Dark Theme