On 10/16/11 AppDeploy got inundated with a very high number of junk/spam posts. Those that subscribe to forums were effectively relayed this junk via email. Made worse was the very high number of messages posted (tens of thousands) which made for a big in-box mess (I know, I got every one of them).

A bit of good news was the whole spam mess went down on a Sunday. Good and bad: the good is that a roll-back of the database does not appear to have resulted in any lost "legit" posts or accounts. The bad was that I was not online to see it happening. For now, the following actions have been taken:

- The suspect accounts have been banned/deleted
- The IP addresses used in the attack has been banned
- All junk posts have been deleted
- The minimum interval between a particular user's posts and replies is now one minute
- New accounts now require email verification

We are also establishing server-side alerts to notify operations of any similar activity in the future so that if the measures taken do not prevent this in the future, we will at the very least be able to identify and rapidly halt any resulting damage.

Please accept my sincere appolgies for the inconvenience I know that this caused a great number of you.
0 Comments   [ + ] Show Comments


Please log in to comment

There are no answers at this time
Rating comments in this legacy AppDeploy message board thread won't reorder them,
so that the conversation will remain readable.


Answer this question or Comment on this question for clarity