By qblack1 on

Current installation parameters:
www.cancercast.com
Drupal 4.6.2 (installed through Fantastico)
Vizaweb.com is the hosting company
Operating system Linux
Kernel version 2.4.21-37.0.1.ELsmp
Machine Type i686
Apache version 1.3.36 (Unix)
PERL version 5.8.7
PHP version 4.4.2

I found today through a newly broken RSS feed for my podcast, that my drupal site (www.cancercast.com) is serving every page with the following appended to the end.

<u style=display:none><a href="http://randomannoyingurl">buy phentermine</a> <a href="http://randomannoyingurl">phentermine cheap</a> <a href="http://randomannoyingurl">where can i get the cheapest phentermine</a> <a href="http://randomannoyingurl">order phentermine online and cod shipping</a>

Then it goes on for something like estimated 40 pages of characters! OUCH!

I am at best a low to intermediate skill technical person, so I've used as much pre-done/canned services as possible (ie Fantastico, Drupal, Feedburner).

Can anyone please help me with this?

I have delayed upgrading Drupal as I was worried through Fantastico that it would erase my entire site or corrupt in in some way. Perhaps unfounded, but I haven't had the time to deal with any potential rebuilds of the whole thing, so I've left it as is.

Thanks,
qblack

[Editor: added code tags so we don't have spam links on Drupal]

Categories: Drupal 4.6.x

Comments

yelvington’s picture

yelvington commented

Your site has been targeted by scripts that post spam comments.

Disable anonymous commenting and the problem will go away.

If you absolutely must have anonymous commenting, upgrade your site to the current release of Drupal, install the Drupal spam.module (not on this site, you have to Google for it), and configure properly. The spam.module does a fairly good job of detecting and automatically unpublishing comment spam.

And please DELETE the examples from your posting; they're just feeding the beast that creates the problem.

jwilde’s picture

jwilde commented

http://drupal.org/forum/fantastico-de-luxe

qblack1’s picture

qblack1 commented

Thanks for spiffing up my post by boxing out the SPAM code I posted. My apologies.

sepeck’s picture

sepeck commented

Yes, it will be annoying but clean all the comments out first.
NExt, backup your database completely and see if you can get your site updated to the latest 4.6.x series. Waiting on security updates is merely another form of gambling.

Standard comment spam is not a hack through. Change your workflow so all comments must be approved before posting. That's the short term quick fix.

You will want to investigate and test the anti-spam modules stuff
http://drupal.org/node/30501
http://drupal.org/project/spam

You may also want to try out the Captcha module as well
http://drupal.org/project/captcha

However.... before you do the modules you may want to consider an upgrade to the latest 4.7.x release. The new improved vidio modules may make it worth your while.

-Steven Peck
---------
Test site, always start with a test site.
Drupal Best Practices Guide -|- Black Mountain

-Steven Peck
---------
Test site, always start with a test site.
Drupal Best Practices Guide

qblack1’s picture

qblack1 commented

Upgraded to most recent Drupal.

Disabled commenting, which was not really in use on the site.

Deleted the few registered users except for my administration account. Being an authorized user was pretty useless on my site.

Removed the login block. Later this caused me some stomach upset until I figures out how to get a login screen up independently.

Now I feel a bit more secure on this, and the site was up and running again by afternoon. All RSS feeds were back in business.

Thanks again. You were a huge help!

qblack