« Adsense, referrer spam and empty pages
AT&T break-in and phishing »

Plone susceptible to redirects

I just got a comment spam from a spammer who uploaded a document to the Member section of a Plone installation.

The redirect didn’t work, but that particular installation had been spammed by several spammers, and I eventually found a redirect that did work.

I notified one of the main Plone developers. They told me they’d discovered the problem and fixed it several days ago. So those with a Plone installation can go get the fix. But I would still use robots.txt, just to avoid sloppy spammers…

What I would do if I had a Plone installation, I’d use robots.txt and make sure the member directories were off limits to search engines. Do that early enough, and the spammers will never bother you. Do it too late, and you still have to clean up every day until they move on. But at least the embarassing stuff the spammers uploaded will fall out of the search engines after a short while, eh?

This entry was posted on Saturday, September 2nd, 2006 at 5:09 am and is filed under Redirects. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

6 Responses to “Plone susceptible to redirects”

  1. Dirk Says:
    September 2nd, 2006 at 5:21 am

    Was that Plone site located in Seattle by any chance? Because I got trackback spam for a members section of such a site for 24 hours straight - only none of the spamvertized URLs ever worked …

  2. admin Says:
    September 2nd, 2006 at 5:32 am

    Not sure where they’re based. It was a site for some software having to do with video and audio. I saw a LOT of spam pointing to that site, and lots of different redirects. Only one worked that I saw.

  3. Dirk Says:
    September 2nd, 2006 at 6:29 am

    Okay, then it was a different one. The one I saw was about Linux and it was obvious where they are located. Which only proves your point that Plone seems to have a problem here and that spammers are abusing it.

  4. admin Says:
    September 2nd, 2006 at 6:32 am

    The point isn’t so much that Plone has a problem, but that CMS’s with member areas where members can upload stuff is a problem in general because spammers are jumping on that en mass.

  5. Alden Bates Says:
    September 2nd, 2006 at 10:42 pm

    I’ve been getting heaps of those. One of the spammers targetting my site seems to have using Plone to place redirects as a favourite technique. I’ve been notifying as many affected sites as I can - glad to hear that the Plone developers have come up with a fix for the problem.

  6. Spamhuntress » Blog Archive » Spamfighter protection on redirects Says:
    September 4th, 2006 at 12:50 pm

    […] I’ve found a number of spam pages on Plone installations that include protection against spamfighters and other irate people. […]

Leave a Reply