Lara:
a. first, double check all categories to make sure that comments are disabled in category AND item views. Because you can override category parameters in individual items, you may want to revisit those as well - if there is a vulnerability, they will find it.
b. make sure that the spam is coming in via K2 - you can delete all the spam either through the backend (or else drop the rows in mysql). Lock down all contact forms and any other forms. General rule: you should always use some form of security check.
c. if you are still getting spam after this, then I would would look at any other 3rd party extensions - make sure you unistall any unused extensions.
d. look through the site to ensure that your site has not been hacked.
e. you will certainly benefit from security extension that allow you to identify and block IP addresses of spammers and other malicious 'bad behaving' bots, etc. I highly recommend Admin Tools Pro -
www.akeebabackup.com/software/admin- tools.html
After you read Nicholas' documentation, you will have a pretty strong idea about what is at stake and how you can protect your site.
If you need additional help, please let me know - I do a lot of security rescue & recovery for clients all over the world.
Hope this helps!
Alan
Lara Lee Templemore-Walters said:
All my K2 sites are being hit with spam and I don't even use the comments on my site I have hidden it in the configurations, and don't know how to stop them.
They are sucking up my bandwidth.Any solutions will be greatly appreciated!
