spam attack on /component/k2/itemlist/user/

GK User
Thu Sep 24, 2015 10:18 am
Hi,

I am not sure if you can help me, but I have a problem: I get a lot of traffic from different bots and IPs that keep going to /component/k2/itemlist/user/...

I tried to block the bots, but that does not seem to work.
In the K2 parameters I turned off the RSS feed, the login form, etc. The path "component" is not a path in my site.

I checked for a hack file by file and also checked with scans, but luckily that isn't the case. Still, there are internal links being used like this: http://www.epopular.com.sg/dynamic/offs ... /user/1567

It would be really really appreciated if you can give me tips or advice on what I can do to stop this. I don't use the login, comments, feeds, social icons, so I thought I turned them off, but still they can get a screen of my site, which I don't understand. I would be grateful if you could help me on how to stop this.

Grz,

Kevin
Senior Boarder

GK User
Thu Sep 24, 2015 11:39 am
Hi,
it is quite normal, K2 is a weak link in this chain.
---
Check the answer on the official K2 forum; using the right settings you can reduce the number of fake users.
Platinum Boarder

GK User
Thu Sep 24, 2015 12:13 pm
Ok thank you Oscar. So I don't have to worry about malicious stuff happening?

I will check it, thank you for sending me in the right direction!!!
Senior Boarder

GK User
Thu Sep 24, 2015 12:19 pm
Do you have a link for me? I am looking but can't find the answer.
Senior Boarder

GK User
Thu Sep 24, 2015 12:22 pm
So I don't have to worry about malicious stuff happening?

You have to take some steps to prevent them, because soon your site will be similar to a garbage dump with all this spam.
--
Setting up a ReCaptcha system for K2 should be the first line of defense.
Next, in the Google search bar input "k2 spam comments" and you will get some tips, also from forum.joomla.org
Platinum Boarder

GK User
Thu Sep 24, 2015 12:27 pm
Last tip (because we are not K2 support, fortunately for me)
If your site does not need new user registration via the front-end, disable the registration option in User Manager. It will cut off fake users.
Platinum Boarder

GK User
Thu Sep 24, 2015 12:40 pm
Yes, that is what I have already done and explained in the first comment. I don't have registration on, so no one can become a user. And I don't have any users anymore besides the administrator user. But what happens is that from spam sites they make a redirect to my site, for example:

http://www.epopular.com.sg/dynamic/offsite.php?site=http://big5.icbc-ltd.com/gate/big5/www.lwbsmile.nl/component/k2/itemlist/user/1567

The red part is the spam part, the rest is from my site. It still generates a page. They can't log in, but I am not sure if you can expect any problems from this. I want to block this page, give it a 403 or something.

To do so I have to restrict the path, I think, but I can't seem to figure out how, because I can't find component/k2/itemlist/user in the folders.
Senior Boarder
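
Added example, not part of the original thread: /component/k2/itemlist/user/ is a URL routed by Joomla rather than a folder on disk, so the web server access log is where this traffic can be measured and where a block can be confirmed (403 instead of 200). The script assumes the "combined" access log format; the function name, sample lines, IP addresses and referer host are constructed for illustration.

```python
import re
from collections import Counter
from urllib.parse import urlsplit

# Assumption: the server writes the common "combined" access log format.
LINE_RE = re.compile(
    r'(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "\S+ (?P<path>\S+)[^"]*" '
    r'(?P<status>\d{3}) \S+ "(?P<referer>[^"]*)"'
)
# The routed K2 user listing from the thread, with or without an index.php/ prefix.
K2_USER_RE = re.compile(r'^/(?:index\.php/)?component/k2/itemlist/user/(\d+)', re.I)

# Constructed sample log (documentation IP ranges, placeholder referer host).
SAMPLE_LOG = '''\
203.0.113.7 - - [24/Sep/2015:10:01:02 +0200] "GET /component/k2/itemlist/user/1567 HTTP/1.1" 200 18234 "http://redirector.example/offsite.php?site=x" "Mozilla/5.0"
203.0.113.7 - - [24/Sep/2015:10:01:09 +0200] "GET /component/k2/itemlist/user/1567 HTTP/1.1" 200 18234 "-" "Mozilla/5.0"
198.51.100.23 - - [24/Sep/2015:10:02:40 +0200] "GET /index.php/component/k2/itemlist/user/2044 HTTP/1.1" 403 199 "http://redirector.example/offsite.php?site=y" "bot/1.0"
192.0.2.10 - - [24/Sep/2015:10:03:00 +0200] "GET /index.php HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
198.51.100.23 - - [24/Sep/2015:10:03:15 +0200] "GET /component/k2/itemlist/user/1567?start=10 HTTP/1.1" 200 17002 "-" "bot/1.0"
'''

def triage(log_text):
    """Summarise requests for the K2 user listing by client, status, referer and user id."""
    report = {"total": 0, "by_ip": Counter(), "by_status": Counter(),
              "by_referer_host": Counter(), "by_user_id": Counter()}
    for line in log_text.splitlines():
        entry = LINE_RE.match(line)
        if entry is None:
            continue  # not a combined-format line
        k2 = K2_USER_RE.match(entry["path"])
        if k2 is None:
            continue  # some other URL on the site
        report["total"] += 1
        report["by_ip"][entry["ip"]] += 1
        report["by_status"][entry["status"]] += 1  # 200 = page still served, 403 = blocked
        report["by_referer_host"][urlsplit(entry["referer"]).hostname or "-"] += 1
        report["by_user_id"][k2.group(1)] += 1
    return report

if __name__ == "__main__":
    result = triage(SAMPLE_LOG)
    for key in ("by_ip", "by_status", "by_referer_host", "by_user_id"):
        print(key, result[key].most_common())
```

Running it again after adding a block rule or a firewall extension shows whether the `200` count for this path has dropped to zero.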

GK User
Thu Sep 24, 2015 2:09 pm
Probably you have to install an additional security extension which may help you, like RSFirewall.
I cannot help more during "template" support.
Platinum Boarder

GK User
Thu Sep 24, 2015 2:25 pm
No I understand... will check that extension.. I have a securitycheck now.. Thank you for your help Oscar, you did not have to do that, so I appreciate it. Have a nice day still
Senior Boarder

