Beware: the anonymous Internet is full of spam


Spam isn’t a new subject, but I didn’t know until now that even self-made applications could be infected in no time.

In my free time I run the website KnowYourStack. The website has been online for some time now, and in the meantime I haven’t had the time for upkeep and further development since I moved to another country.

Fail early – fail often

Following this slogan, I brought the page online in a fit of youthful foolishness. I had also planned to test anonymous participation. Idea: no registration, no barrier to acting on the site.

Result: Spam

It didn’t take long for the spam bots to invade the site with spam.

Since the system is completely based on my own code, I was surprised by the enormous amount of spam (4 to 5 entries every day).

Bruteforce FTW

I’m sure that these bots aren’t configured especially for my website, so this is what I assume:

Spam bots are crawling through the internet, and as soon as they find a form they fill it in and submit it. If you haven’t integrated some security mechanism like a little math task or a CAPTCHA, you are going to be an advertising target. It was interesting to see that the more spam I had, the more I got. To be honest, I have a little respect for the little devils who developed this.

Lesson learned: Self-made Apps could be a spam magnet too

Without protection like a CAPTCHA and so on, it is an easy task for spam bots.
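One way to implement the "little math task" mentioned above, combined with a hidden honeypot field and a minimum fill time, as an added example that is not code from KnowYourStack. The field names `website`, `answer` and `token`, the time limits and the in-memory replay set are assumptions.

```python
import hashlib
import hmac
import secrets
import time

SECRET = secrets.token_bytes(32)  # assumption: server-side key, one per deployment
MIN_FILL_SECONDS = 3              # assumption: a human needs at least this long
MAX_AGE_SECONDS = 1800            # assumption: challenges expire after 30 minutes
_used_nonces = set()              # in-memory replay guard; use a shared store in production


def _mac(answer, nonce, issued):
    msg = f"{answer}:{nonce}:{issued}".encode()
    return hmac.new(SECRET, msg, hashlib.sha256).hexdigest()


def new_challenge(now=None):
    """Build the question to render and the hidden token that goes with it."""
    issued = int(time.time() if now is None else now)
    a, b = secrets.randbelow(9) + 1, secrets.randbelow(9) + 1
    nonce = secrets.token_hex(8)
    # The token carries no operands, only a MAC bound to the correct answer.
    return {"question": f"What is {a} + {b}?",
            "token": f"{nonce}:{issued}:{_mac(a + b, nonce, issued)}"}


def check_submission(form, now=None):
    """Return (accepted, reason) for a posted form given as a dict of strings."""
    now = time.time() if now is None else now
    if form.get("website", ""):  # honeypot: hidden via CSS, humans leave it empty
        return False, "honeypot filled"
    try:
        nonce, issued, mac = form.get("token", "").split(":")
        issued = int(issued)
    except ValueError:
        return False, "bad token"
    expected = _mac(form.get("answer", "").strip(), nonce, issued)
    if not hmac.compare_digest(mac.encode(), expected.encode()):
        return False, "wrong answer or forged token"
    age = now - issued
    if age < MIN_FILL_SECONDS:
        return False, "submitted too fast"
    if age > MAX_AGE_SECONDS:
        return False, "challenge expired"
    if nonce in _used_nonces:
        return False, "challenge already used"
    _used_nonces.add(nonce)
    return True, "ok"
```

These checks filter generic form-filling bots of the kind described here; a bot written for one specific site can still read and solve the question, which is why moderation remains necessary.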

Lesson learned: Anonymous only with moderation

Anonymous entries have their value, but it is necessary to have some kind of moderation.

Lesson learned: Integrate some mini administration functions

I didn’t think about this subject at all. At the beginning I had to remove the first spam entries via RavenDB Management Studio. It’s possible but laborious. My advice for you: it’s useful to integrate some administration functions from the beginning, since even a non-anonymous user could share some improper content.

P.S.: I’ve pulled the emergency brake. KnowYourStack Reimagined ;-)
