Keyword

spammers targetting /component/k2/itemlist/user/

More
2 weeks 5 days ago #169531 by Roberto
Roberto replied the topic: spammers targetting /component/k2/itemlist/user/
I have the same problem.
I appreciate the last solution to set the new option, but this is only to prevent new hackering.

My site is already affected by this problem, I removed all the unwanted users, but the links are still there.
I need to block the unwanted links before they are elaborated by joomla, because they are a huge quantity and are creating a lot of traffic slowing my site.
In .htaccess I tested the solution suggested by Glenbovert above:
RewriteRule ^component/k2/itemlist/user/\d* - [F,L]

But I do not understand why it is not working.
I thought it should have to show an error page, instead the links are still elaborated by Joomla, showing a Joomla page and creating traffic.
Any suggestion ?
Thanks

Please Log in or Create an account to join the conversation.

  • Fotis
  • Fotis's Avatar
  • Offline
  • Administrator
  • JoomlaWorks Support Team
More
2 weeks 5 days ago #169532 by Fotis
Fotis replied the topic: spammers targetting /component/k2/itemlist/user/
If you are using the latest K2 release (v2.9.0) and have this option jmp.sh/4mwcBTa set to "Disabled" in K2 Parameters/Settings, then you won't have any issues.

Can you verify that's the case for you please?


If you use & love K2, please take a moment to add your review and rate it
at the Joomla Extensions Directory: extensions.joomla.org/extension/k2/


IMPORTANT: Please search the forum before posting a question!

JoomlaWorks Support Team Member

Please Log in or Create an account to join the conversation.

More
2 weeks 5 days ago #169533 by Roberto
Roberto replied the topic: spammers targetting /component/k2/itemlist/user/
Hello
Thanks for your very fast reply.
Actually I am still using an old version (2.6.9), I will try to upgrade in couple of days and keep you informed about the results.
Thank you.

Please Log in or Create an account to join the conversation.

  • Fotis
  • Fotis's Avatar
  • Offline
  • Administrator
  • JoomlaWorks Support Team
More
2 weeks 5 days ago #169534 by Fotis
Fotis replied the topic: spammers targetting /component/k2/itemlist/user/
This feature was added in 2.7.0 or 2.7.1 if I recall correctly.


If you use & love K2, please take a moment to add your review and rate it
at the Joomla Extensions Directory: extensions.joomla.org/extension/k2/


IMPORTANT: Please search the forum before posting a question!

JoomlaWorks Support Team Member

Please Log in or Create an account to join the conversation.

More
2 weeks 4 days ago #169552 by Roberto
Roberto replied the topic: spammers targetting /component/k2/itemlist/user/
Hello
A few hours ago we have upgraded
Joomla to 3.7.5
K2 to version 2.9.0
In Global Configuration / K2 / Advanced we changed Control-K2-User... to Enabled

The traffic problem seems improved a little, but it is still there.
When the site is on, the server registers a lot of I/O usage traffic, when it is off, the traffic is low.
This is a very simple site and its own normal traffic should be very low.

I think the I/O usage high rate is due to the elaboration of calls made by the spamming links that point to /component/k2/itemlist/user/
Even if user is not accessible, the link calls are using resources.
The spamming users had ID from 200 to about 450. I would like to block all of them in the .htaccess.
Let me know how I can stop them before they are elaborated by the system.

Thanks

Please Log in or Create an account to join the conversation.

  • Fotis
  • Fotis's Avatar
  • Offline
  • Administrator
  • JoomlaWorks Support Team
More
2 weeks 4 days ago #169554 by Fotis
Fotis replied the topic: spammers targetting /component/k2/itemlist/user/
This is a simple redirect. No items are retrieved. The user ID is picked by the URL. It's quite fast.

Your bottleneck is somewhere else.

Since you know the URL pattern, it won't be difficult to figure out a regex in .htaccess or Nginx rules to block or redirect it. But it's really out of the scope of the support we provide here as it's not a bug in K2.


If you use & love K2, please take a moment to add your review and rate it
at the Joomla Extensions Directory: extensions.joomla.org/extension/k2/


IMPORTANT: Please search the forum before posting a question!

JoomlaWorks Support Team Member

Please Log in or Create an account to join the conversation.

More
2 weeks 4 days ago #169556 by Roberto
Roberto replied the topic: spammers targetting /component/k2/itemlist/user/
I agree with you only in part.
If it was not because of k2, I am not in this situation.

Please Log in or Create an account to join the conversation.

  • Fotis
  • Fotis's Avatar
  • Offline
  • Administrator
  • JoomlaWorks Support Team
More
2 weeks 4 days ago #169557 by Fotis
Fotis replied the topic: spammers targetting /component/k2/itemlist/user/
Spammers will always find creative ways to spread URLs. K2 does have a solution for that unlike other extensions (e.g Kunena - where we delete spammers EVERY day).

You don't say that K2's solution does not work. You say it causes load to your server as a side-effect. I disagree and I explained why. Your problem could be some 3rd party system plugin, did you consider that?


If you use & love K2, please take a moment to add your review and rate it
at the Joomla Extensions Directory: extensions.joomla.org/extension/k2/


IMPORTANT: Please search the forum before posting a question!

JoomlaWorks Support Team Member

Please Log in or Create an account to join the conversation.

Moderators: william white