RobSkelton wrote:What I haven't seen discussed is how the spammers locate out forums to begin with? Could having phpbb in the footer be a factor? Could I change it to php^bb or something and avoid spammers altogether?
Spammers may use Google but it appears to me that they use there own spiders too. I do not have my phpBB up and running yet so there are no links to it, nor any Google references. However, after installing the files (and then running into a db issue) the next log files showed about 20 hits just poking around.
To the outside world all I did was create a new sub-directory, /XX, and load the phpBB files. The log about 8 hours later showed hits. At that point I did a chmod to 740 to hide it until I get other issues resolved.
If you have access to your system logs look at the files request that have broken links, or look at your error log. The spiders know that they are looking for. They are looking for file names that are part of applications with known weaknesses or were admin/users may not have set things up correctly (securely).
I also run a newsletter for a small theater group. On the web version of the newsletter there is a form to make comments. Some guy in Holland has posted several "comment spam." I guess I should have named the file something other than comment.html But spammers are dumb and need all the help they can get!
Just because you are paranoid, doesn't mean their not out to get you!
Say what you will about Sisyphus. He always has work.