: How did new users come to my site and is it safe to keep them? I'm launching a website as a hobby, it is somehow a stackoverflow clone. I noticed a very weird thing that I can't understand,

@Cugini213

If your website is hosting a forum or a blog that allows comments to articles you've posted and you allow registrations and postings without some mechanism for verifying the registrations are coming from a human rather than an automated script, you will likely get an enormous amount of spam posted on your site, since there are many systems out there on the Internet scanning for sites to which they can post spam which can generate traffic and revenue for the spammer.

You can check the IP addresses from which registrants are connecting to your site using the Stop Forum Spam site, which maintains a database of known forum and blog spammers. The database provides their email addresses, IP addresses, usernames, spamming frequency, and, in some cases, evidence of their spam. Modules are available for some forum software, e.g., the free Simple Machines Forum (SMF) package, which will query the Stop Forum Spam database and block attempts to register from IP addresses in its database.

I got interrupted after initially setting up an unadvertised forum once, which was to be just for my wife and a few of her friends, before I installed modules to block spammers and configure it to allow only registrants my wife approved; within a short time there were dozens of registrants and spam postings.

Vote Up Vote Down

@Pierce454

You just got introduced to bots :)

Looks like you are running a vanilla version of software like phpBB or WordPress etc.

What are bots?





(Source: Wikipedia)

Bots are an army of (mostly compromised) machines doing whatever their bot head asks them to do. In most cases, they just post spam messages with links. Read more about the command and control botnets at this Wikipedia page.

Is it possible to know how did they reach the site (what are the possibilities)?

Constant crawling/scanning networks, WHOIS databases and many other sources can reveal your site.

Once I hosted one of my websites on Amazon EC2. The elastic IP address that I got assigned was one of the IP addresses that pinterest.com was using before. As soon as my site was up, I got hundreds and thousands of hits from some sort of a Pinterest desktop client which (for some reasons) was using the IP address (rather than the domain name) to reach the website. This can be just one of many examples of how they are reaching out to you.

Is it safe to keep them? What should I do?

The primary aim for most of them is to post links to website, to get SEO karma on those links or they are links to malicious websites and the aim is to lure your website's users to click on it and get infected.

They do not pose a direct threat to your server's security, however posting a tonne of spam goes against a website's reputation and usefulness.

There are a plugins for WordPress/phpBB softwares (Akismet comes on top of my head) which help prevent/block spam.

Also, consider putting a CAPTCHA on your registration form. This alone will reduce 90% of the automated/bot registrations.

Finally, welcome to the Wild Wild Web (WWW)

Vote Up Vote Down