Hi there Tendenci Community. Spam, unfortunately, is a complex issue and a never-ending problem we all have to manage and invest time in. It truly is a headache. Associations are part of the fabric of our society and we take security very seriously (https://www.tendenci.com/security/). As we mention on our Cloud Security information page, there are many resources available for cyber security training. We encourage you to look them up and take an active role in keeping your website, company, family, and country secure from cyber-attacks.
Tip: Please take a look at this report from the World Economic Forum, "Cyber security is no longer enough: businesses need cyber resilience", which talks about the importance of cyber resilience and of educating your team on how to defend company security.
Tendenci software provides you with the essential tools you need to help fight spam. Below are some resources and information to help you manage website spam.
SQL Explorer
SQL Explorer helps you extract all the data you need to manage spam and other search queries. Learn how to use the Django SQL Explorer on your Tendenci website.
Use these two queries below to search for all possible forum or email spammers, and extract the data of all suspicious or bad imports.
Go to www.yourwebsite.com/explorer and, if you don't see a query named Users - Possible Forum or Email Spammers (SECURITY), follow these simple steps to create it yourself.
- Select New Query
- For the Title write: Users - Possible Forum or Email Spammers (SECURITY)
- For Description write: IMPORTANT: This report WILL give false positives, meaning some of the rows are actually members or valid users. So BE CAREFUL! These are user records created by contact forms that MIGHT, but not necessarily, be spammers.
Copy & Paste the following script inside the SQL box:
SELECT
-- links into the admin so each row can be reviewed with one click
CONCAT('<a href="/profiles/edit/', u.id, '/" target="_blank">', u.id, '</a>') as Edit,
u.first_name, u.last_name, u.email,
CONCAT('<a href="/profiles/', u.username, '/" target="_blank">', u.username, '</a>') as username,
CONCAT('<a href="/forums/users/', u.email, '/" target="_blank">forums</a>') as Forums,
CONCAT('<a href="/admin/auth/user/', u.id, '/change/" target="_blank">chg</a>') as Chg,
CONCAT('<a href="/admin/auth/user/', u.id, '/" target="_blank">del</a>') as Del,
u.is_superuser
FROM auth_user u
WHERE
-- names and usernames that real members rarely register with
(u.first_name LIKE '%root%'
OR u.last_name LIKE '%root%'
OR u.first_name LIKE '%admin%'
OR u.last_name LIKE '%admin%'
OR u.username LIKE '%admin%'
OR u.username LIKE '%root%'
-- email addresses that are too short or contain junk
OR length(u.email) < 7
OR u.email LIKE '%noreply%'
OR u.email LIKE '%no-reply%'
OR u.email LIKE '%casino%'
OR u.email LIKE '%www%'
OR u.email LIKE '%administrator%'
OR u.email LIKE '%asdf%'
OR u.email LIKE '%123%'
OR u.email LIKE '%sex%'
OR u.email LIKE '%yandex%'
OR u.email LIKE '%xxx'
OR u.email LIKE '%root%'
OR u.email LIKE '%porn%'
OR u.email LIKE '%.online%'
-- domain endings that show up often with throwaway registrations
OR u.email LIKE '%.ru'
OR u.email LIKE '%.country'
OR u.email LIKE '%.stream'
OR u.email LIKE '%.download'
OR u.email LIKE '%.xin'
OR u.email LIKE '%.gdn'
OR u.email LIKE '%.ukp'
OR u.email LIKE '%.racing'
OR u.email LIKE '%.jetzt'
OR u.email LIKE '%.win'
OR u.email LIKE '%.bid'
OR u.email LIKE '%.vip'
OR u.email LIKE '%.ren'
OR u.email LIKE '%.kim'
OR u.email LIKE '%.mom'
OR u.email LIKE '%.party'
OR u.email LIKE '%.review'
OR u.email LIKE '%.trade'
OR u.email LIKE '%.date'
OR u.email LIKE '%.wang'
OR u.email LIKE '%.accountants'
OR u.email LIKE '%.top'
OR u.email LIKE '%.icu'
OR u.email LIKE '%.xyz'
OR u.email LIKE '%i.ua'
OR u.email LIKE '%.sex'
OR u.email LIKE '%.inbox'
OR u.email LIKE '%.pl'
OR u.email LIKE '%.by'
OR u.email LIKE '%.porn'
OR u.email LIKE '%.co'
-- country names typed in as a last name
OR u.last_name LIKE '%Iceland%'
OR u.last_name LIKE '%Mali%'
OR u.last_name LIKE '%Mexico%'
OR u.last_name LIKE '%Egypt%'
OR u.last_name LIKE '%USA%'
OR u.last_name LIKE '%Russia%'
OR u.last_name LIKE '%China%'
OR u.last_name LIKE '%India%')
ORDER BY u.id DESC
Another good SQL script to add for spammers is the following:
- Select New Query
- For the Title write: Users - SUSPICIOUS or BAD IMPORTS
- For Description write: Users with the same first_name and last_name, which could be a bad import but are also likely spammers
Copy & Paste the following script inside the SQL box:
SELECT
CONCAT('<a href="/profiles/edit/', u.id, '/" target="_blank">', u.id, '</a>') as Edit,
u.first_name, u.last_name, u.email,
CONCAT('<a href="/profiles/', u.username, '/" target="_blank">', u.username, '</a>') as username,
CONCAT('<a href="/forums/users/', u.email, '/" target="_blank">forums</a>') as Forums,
CONCAT('<a href="/admin/auth/user/', u.id, '/change/" target="_blank">del</a>') as Del,
u.is_superuser
FROM auth_user u
WHERE
(u.first_name = u.last_name)
AND
(u.last_name NOT LIKE '%planning%'
AND u.first_name NOT LIKE '%Zoning%'
AND u.email NOT LIKE '%tamu.edu%'
AND u.email NOT LIKE '%jacobs%')
ORDER BY u.id DESC
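The two queries above share one idea: string patterns on name, username and email that rarely occur in legitimate registrations. The following Python script is an added example (not Tendenci code and not part of the original article) that applies the same patterns to a CSV export of SQL Explorer results so you can rank the hits before touching any account. It goes a little beyond the SQL: matching is case-insensitive (PostgreSQL's LIKE is case-sensitive, so a first name of "ADMIN" slips past the query as written), the second query's "first name equals last name" signal is folded in, and rows are sorted by how many independent signals they match, which helps with the false positives the query description warns about. The column names and the sample rows are constructed for the example.

```python
import csv
import io

# Heuristics carried over from the two SQL Explorer queries above.
# Substrings matched anywhere in first_name, last_name or username.
NAME_WORDS = ("root", "admin")
# Substrings matched anywhere in the email address.
EMAIL_WORDS = ("noreply", "no-reply", "casino", "www", "administrator",
               "asdf", "123", "sex", "yandex", "xxx", "root", "porn",
               ".online")
# Endings of the email address (the SQL uses LIKE '%.ru', LIKE '%i.ua', ...).
EMAIL_SUFFIXES = (".ru", ".country", ".stream", ".download", ".xin", ".gdn",
                  ".ukp", ".racing", ".jetzt", ".win", ".bid", ".vip", ".ren",
                  ".kim", ".mom", ".party", ".review", ".trade", ".date",
                  ".wang", ".accountants", ".top", ".icu", ".xyz", "i.ua",
                  ".sex", ".inbox", ".pl", ".by", ".porn", ".co")
# Country names the first query looks for in last_name.
COUNTRY_SURNAMES = {"iceland", "mali", "mexico", "egypt", "usa", "russia",
                    "china", "india"}
MIN_EMAIL_LENGTH = 7

# Constructed sample export (not real user data). Row 101 is a normal
# member; row 104 shows a false positive (a short, legitimate .co address).
SAMPLE_CSV = """id,first_name,last_name,email,username
101,Jane,Doe,jane.doe@example.org,janedoe
102,Admin,Admin,root123@promo.xyz,admin2024
103,Bob,Russia,bob@i.ua,bob_r
104,Alice,Smith,ann@x.co,asmith
105,Sam,Lee,s@q.io,slee
"""


def reasons_for(row):
    """Return the names of every heuristic that matches one exported row.

    Everything is lower-cased first, so 'Admin' and 'ADMIN' both match;
    PostgreSQL's LIKE, which the SQL query relies on, is case-sensitive.
    """
    first = (row.get("first_name") or "").strip().lower()
    last = (row.get("last_name") or "").strip().lower()
    username = (row.get("username") or "").strip().lower()
    email = (row.get("email") or "").strip().lower()

    hits = []
    for word in NAME_WORDS:
        if word in first or word in last or word in username:
            hits.append(f"name:{word}")
    if len(email) < MIN_EMAIL_LENGTH:
        hits.append("email:short")
    hits.extend(f"email:{word}" for word in EMAIL_WORDS if word in email)
    hits.extend(f"suffix:{suffix}" for suffix in EMAIL_SUFFIXES
                if email.endswith(suffix))
    if any(country in last for country in COUNTRY_SURNAMES):
        hits.append("surname:country")
    # Signal from the second query: identical first and last name.
    if first and first == last:
        hits.append("first==last")
    return hits


def triage(csv_text):
    """Score every row of a CSV export; rows with no matches are dropped.

    Returns a list of (id, email, hits) sorted so that rows matching the
    most independent signals come first, which is where a manual review
    should start. A single weak hit (for example only 'suffix:.co')
    deserves a closer look before anything is removed.
    """
    flagged = []
    for row in csv.DictReader(io.StringIO(csv_text)):
        hits = reasons_for(row)
        if hits:
            flagged.append((row["id"], row["email"], hits))
    flagged.sort(key=lambda item: (-len(item[2]), int(item[0])))
    return flagged


if __name__ == "__main__":
    for user_id, email, hits in triage(SAMPLE_CSV):
        print(f"{user_id:>5} {email:<24} {len(hits)} signal(s): {', '.join(hits)}")
```

Run it against the CSV you download from SQL Explorer instead of SAMPLE_CSV; the row with five signals (made-up admin account on a .xyz domain) lands at the top, while the two single-signal rows at the bottom are exactly the kind the description above tells you to double-check before deleting.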
ReCAPTCHA
We have upgraded Google reCAPTCHA to v3 in an effort to reduce spam and phishing attempts. Contact Us if you have any questions or concerns. Read our help file, How to Use Google reCAPTCHA v2 or v3 on Your Tendenci Site, and follow the steps there.
Email Blocks
You have a backend option to keep spammers from coming to your site with different email addresses.
When a person submits a contact form or any of the custom forms on your website, an email notification is sent to the form recipients. If the submitter's email address is in the Email Blocks list, the email notification will not be sent to the form recipients.
https://www.yourwebsite.com/admin/email_blocks/emailblock/
Emails: Email wasn't built for security. As an example, spammers send out spam that appears to come from your domain, causing recipients' firewalls or network admins to block you, so we suggest you add your no-reply@yourdomain.com as a contact. It's too easy to spoof email. Spammers will also spoof their IP address to try to get you to block major DNS servers, for example, so that you can be tricked into blocking all traffic from the DC area or similar.
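To make the Email Blocks behaviour concrete, here is an added Python example (not Tendenci's code and not part of the original article) of how a notification gate of this kind is evaluated. The block list entries, the recipient addresses and the "@domain" form of entry are constructed assumptions for the example; the page only states that addresses on the Email Blocks list stop the notification, not whether domain-wide entries are supported. The point it demonstrates is that the comparison has to normalize case and whitespace, otherwise "Spammer@Example.net" sails past an entry stored as "spammer@example.net".

```python
# Constructed block list (not from any real site). Entries are shown with
# inconsistent case and a stray space to show why normalization matters.
# The "@domain" entry is an assumption for this example: it stands in for a
# domain-wide block and is not a documented Tendenci Email Blocks feature.
EMAIL_BLOCKS = [
    "spammer@example.net",
    "Promo.Bot@Example.ORG ",
    "@throwaway.example",
]


def normalize(address):
    """Trim surrounding whitespace and lower-case the whole address.

    Email local parts are technically case-sensitive, but in practice a
    block list that distinguishes 'Bob@' from 'bob@' just lets variants
    through, so the whole string is folded to lower case before comparing.
    """
    return address.strip().lower()


def is_blocked(address, blocks=EMAIL_BLOCKS):
    """True when the address, or (assumed) its whole domain, is on the list."""
    addr = normalize(address)
    domain = addr.rpartition("@")[2]
    for entry in map(normalize, blocks):
        if entry.startswith("@"):
            # Assumed domain-wide entry: compare the domain only.
            if domain == entry[1:]:
                return True
        elif entry == addr:
            return True
    return False


def route_form_submission(submission, recipients, blocks=EMAIL_BLOCKS):
    """Mirror the behaviour described above for a form submission.

    `submission` is a dict with at least an "email" key (the submitter's
    address). The notification e-mail is suppressed when that address is
    blocked; what happens to the stored form entry is not covered by the
    page, so this example simply returns the submission unchanged.
    Returns (submission, list of recipients that should be notified).
    """
    if is_blocked(submission["email"], blocks):
        return submission, []
    return submission, list(recipients)


if __name__ == "__main__":
    # Constructed recipients and submissions for a quick demonstration.
    staff = ["forms@yourdomain.example"]
    for sender in ["member@example.org", "SPAMMER@example.net",
                   "promo.bot@example.org", "anyone@throwaway.example"]:
        _, notified = route_form_submission({"email": sender, "message": "hi"}, staff)
        print(f"{sender:<28} notify={bool(notified)}")
```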
Negative SEO
Learn about Negative SEO and invest in an SEO specialist who can help you protect your website from malicious backlinks. Use Google Analytics and Google Search Console to view all the backlinks and referrals to your website, and use their Disavow Links Tool.
Use websites like https://www.stopforumspam.com/spamdomainsandips and add those domains to your disavow list.
Other Helpful Tips:
1. Stay safe on the internet and keep your company computers safe. Download Sublime Text and use that code editor to copy & paste text and code safely. Download the Brave browser, learn to be cautious, and browse in incognito mode.
2. Keep an eye on new users. Do a quick search on the information they provide, such as their email, and if you find no correlation then it is best to delete the new user. If the search turns up questionable results, that is a perfect case for blocking the email at https://www.yourwebsite.com/admin/email_blocks/emailblock/
3. Keep an eye on your newsletter subscribers. Again, do a quick search on the email provided, take precautionary measures, and make sure your users are legitimate. Inventory your subscribers and remove unsubscribed newsletter users at: https://www.yourwebsite.com/groups/newsletters/