COMMUNITY FORUM
spammers targeting /component/k2/itemlist/user/
- glenbovert
Topic Author
- New Member
- Posts: 6
9 years 5 months ago #147715
by glenbovert
spammers targeting /component/k2/itemlist/user/ was created by glenbovert
Hi, I have a problem.
On my website I don't have a login or comments. But because Joomla sets registrations on yes as default, spammers filled up the user box with thousands. They don't seem to have many rights, so I deleted them all and set the registration to no. This solved the problem of users coming in.
There are still a lot of spammers though targeting /component/k2/itemlist/user/
What happens is that from spam sites they make a redirect to my site, for example:
www.epopular.com.sg/dynamic/offsite.php?site=http://big5.icbc-ltd.com/gate/big5/www.lwbsmile.nl/component/k2/itemlist/user/1567
The red part is the spam part, the rest is from my site. It still generates a page. They can't log in. See link:
www.epopular.com.sg/dynamic/offsite.php?site=http://big5.icbc-ltd.com/gate/big5/www.lwbsmile.nl/component/k2/itemlist/user/1567
Two questions:
1 - How serious is this? Did they hack K2? Or is it just spam?
2 - How can I solve this? I wanted to remove the path "component/k2/itemlist/user/*" altogether, but it does not seem to be a path in my folders, or I can't find it. Another solution would be to restrict access to that path. But again I am not sure how.
Could you please give me advice on how I can solve this? The traffic from those spammers is not nice.
Thank you in advance.
Kevin
To do so I have to restrict the path, I think, but I can't seem to figure out how, because I can't find component/k2/itemlist/user in the folders.
The topic has been locked.
- Krikor Boghossian
- Platinum Member
- Posts: 15920
9 years 5 months ago #147736
by Krikor Boghossian
Replied by Krikor Boghossian on topic spammers targeting /component/k2/itemlist/user/
The /component/k2/itemlist/user/ pattern shows you that these links are from spammers who signed up for your site.
Removing these (Joomla!) users will remove these links as well.
JoomlaWorks Support Team
---
Please search the forum before posting a new topic :)
The topic has been locked.
- glenbovert
Topic Author
- New Member
- Posts: 6
9 years 4 months ago #147777
by glenbovert
Replied by glenbovert on topic spammers targeting /component/k2/itemlist/user/
No, it does not remove them; robots will still go to the link, and the link is still accessible. You still get traffic from them and, as you can see on the link I provided, they made internal links from their websites to my site. Not nice with all the crap that is out there. As I pointed out in my message, all users were already deleted. Still the K2 link is accessible.
But I found the answer, and because I am not the only one who will have this problem, this might solve it for others too, if you don't make use of comments, logins, users in your site. You can make the link forbidden in your .htaccess file.
RewriteRule ^component/k2/itemlist/user/\d* - [F,L]
Have a good spammer free day ;-)
The topic has been locked.
- Krikor Boghossian
- Platinum Member
- Posts: 15920
9 years 4 months ago #147785
by Krikor Boghossian
Replied by Krikor Boghossian on topic spammers targeting /component/k2/itemlist/user/
Your users won't be able to access your own user page if it is not mapped into a menu item. It could lead to issues even then.
If you are not using this view then you can safely use this method.
The topic has been locked.
- Slartibartfast
- Junior Member
- Posts: 25
9 years 4 months ago #148653
by Slartibartfast
Replied by Slartibartfast on topic spammers targeting /component/k2/itemlist/user/
Hi, I have the exact same problem and I want to point out two important things:
1. The non-SEF URL is /?option=com_k2&view=itemlist&task=user&id=* (some user id at the end)
2. Except for the dead pages that are still there even after deleting the users, the result is thousands of spam backlinks, which is bad for SEO...
So:
1. Is there a way to block these links (/?option=com_k2&view=itemlist&task=user&id=) permanently, or better, disable them?
I can see that, except for the spam users, even if I put the id of the super admin at the end of the link there is still a page...!! I don't want that.
2. Now that we are full of unwanted backlinks, is there any walkthrough to get rid of these?
Thank you in advance
The topic has been locked.
- Krikor Boghossian
- Platinum Member
- Posts: 15920
9 years 4 months ago #148659
by Krikor Boghossian
Replied by Krikor Boghossian on topic spammers targeting /component/k2/itemlist/user/
You can try glenbovert's .htaccess solution to block access to a specific pattern of URLs.
The topic has been locked.
- Slartibartfast
- Junior Member
- Posts: 25
9 years 4 months ago #148661
by Slartibartfast
Replied by Slartibartfast on topic spammers targeting /component/k2/itemlist/user/
Thank you for your answer. Here is a strange thing:
The spam URL is ?option=com_k2&view=itemlist&task=user&id=(some number)
It doesn't include "index.php" but still Joomla can recognize it.
In .htaccess I can't put a URL starting with "?".
Same thing in sh404: it asks for index.php at the beginning in order to create a redirect link.
I also found out that every site that runs K2 returns a page when the URL is /?option=com_k2&view=itemlist&task=user&id=somenumber
I really need help with this one.
The topic has been locked.
- Krikor Boghossian
- Platinum Member
- Posts: 15920
9 years 4 months ago #148663
by Krikor Boghossian
Replied by Krikor Boghossian on topic spammers targeting /component/k2/itemlist/user/
You can start it with index.php?com_k2view=itemlist&task=user etc.; add the SEF URL as well (component/k2/itemlist/user/).
The topic has been locked.
- nikola
- New Member
- Posts: 1
6 years 5 months ago #169063
by nikola
Replied by nikola on topic spammers targeting /component/k2/itemlist/user/
I have that same problem
The topic has been locked.
- JoomlaWorks
- Admin
- Posts: 6225
6 years 5 months ago #169064
by JoomlaWorks
Replied by JoomlaWorks on topic spammers targeting /component/k2/itemlist/user/
This is pretty common anywhere someone can create a profile page and add whatever spam HTML they want. E.g. in forum software. In K2 we resolved this some time ago. Make sure you're using K2 latest and then set this option to "disabled": jmp.sh/pVtGSmF
This will make sure that no actual users, aka users without at least 1 K2 item created, are not able to display their profile pages.
Fotis / JoomlaWorks Support Team
---
Please search the forum before posting a new topic :)
The topic has been locked.
- Roberto
- New Member
- Posts: 6
6 years 4 months ago #169531
by Roberto
Replied by Roberto on topic spammers targeting /component/k2/itemlist/user/
I have the same problem.
I appreciate the last solution to set the new option, but this is only to prevent new hacking.
My site is already affected by this problem. I removed all the unwanted users, but the links are still there.
I need to block the unwanted links before they are elaborated by Joomla, because they are a huge quantity and are creating a lot of traffic, slowing my site.
In .htaccess I tested the solution suggested by Glenbovert above:
RewriteRule ^component/k2/itemlist/user/\d* - [F,L]
But I do not understand why it is not working.
I thought it should have to show an error page; instead the links are still elaborated by Joomla, showing a Joomla page and creating traffic.
Any suggestion?
Thanks
The topic has been locked.
- JoomlaWorks
- Admin
- Posts: 6225
6 years 4 months ago #169532
by JoomlaWorks
Replied by JoomlaWorks on topic spammers targeting /component/k2/itemlist/user/
If you are using the latest K2 release (v2.9.0) and have this option jmp.sh/4mwcBTa set to "Disabled" in K2 Parameters/Settings, then you won't have any issues.
Can you verify that's the case for you please?
The topic has been locked.
- Roberto
- New Member
- Posts: 6
6 years 4 months ago #169533
by Roberto
Replied by Roberto on topic spammers targeting /component/k2/itemlist/user/
Hello
Thanks for your very fast reply.
Actually I am still using an old version (2.6.9); I will try to upgrade in a couple of days and keep you informed about the results.
Thank you.
The topic has been locked.
- JoomlaWorks
- Admin
- Posts: 6225
6 years 4 months ago #169534
by JoomlaWorks
Replied by JoomlaWorks on topic spammers targeting /component/k2/itemlist/user/
This feature was added in 2.7.0 or 2.7.1 if I recall correctly.
The topic has been locked.
- Roberto
- New Member
- Posts: 6
6 years 4 months ago #169552
by Roberto
Replied by Roberto on topic spammers targeting /component/k2/itemlist/user/
Hello
A few hours ago we upgraded
Joomla to 3.7.5
K2 to version 2.9.0
In Global Configuration / K2 / Advanced we changed Control-K2-User... to Enabled
The traffic problem seems improved a little, but it is still there.
When the site is on, the server registers a lot of I/O usage traffic; when it is off, the traffic is low.
This is a very simple site and its own normal traffic should be very low.
I think the high I/O usage rate is due to the elaboration of calls made by the spamming links that point to /component/k2/itemlist/user/
Even if the user is not accessible, the link calls are using resources.
The spamming users had IDs from 200 to about 450. I would like to block all of them in the .htaccess.
Let me know how I can stop them before they are elaborated by the system.
Thanks
The topic has been locked.
- JoomlaWorks
- Admin
- Posts: 6225
6 years 4 months ago #169554
by JoomlaWorks
Replied by JoomlaWorks on topic spammers targeting /component/k2/itemlist/user/
This is a simple redirect. No items are retrieved. The user ID is picked by the URL. It's quite fast.
Your bottleneck is somewhere else.
Since you know the URL pattern, it won't be difficult to figure out a regex in .htaccess or Nginx rules to block or redirect it. But it's really out of the scope of the support we provide here as it's not a bug in K2.
The topic has been locked.
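The two blocking rules discussed in this thread (glenbovert's SEF-path rule and the non-SEF query-string form Slartibartfast asked about), written out for Apache as an added example; it is not from K2, JoomlaWorks or any poster here. It assumes mod_rewrite in the site-root .htaccess, placed above Joomla's own rules that hand requests to index.php, and a site that does not use K2 user pages.

```apache
# Added example: not from K2, JoomlaWorks or any poster in this thread.
# Assumptions: Apache with mod_rewrite, rules in the site-root .htaccess,
# placed ABOVE Joomla's own rules that hand requests to index.php, and a
# site that does not use K2 user pages at all.
<IfModule mod_rewrite.c>
    RewriteEngine On

    # SEF form: /component/k2/itemlist/user/<id>
    # In .htaccess the leading "/" is stripped before matching, so the
    # pattern starts at "component", not "/component".
    RewriteRule ^component/k2/itemlist/user(/|$) - [F,L,NC]

    # Non-SEF form: /?option=com_k2&view=itemlist&task=user&id=<id>
    # A RewriteRule pattern only sees the path, never the query string, so
    # the "?..." part is tested with RewriteCond. One condition per
    # parameter (conditions are ANDed) matches any parameter order.
    RewriteCond %{QUERY_STRING} (^|&)option=com_k2(&|$) [NC]
    RewriteCond %{QUERY_STRING} (^|&)view=itemlist(&|$) [NC]
    RewriteCond %{QUERY_STRING} (^|&)task=user(&|$) [NC]
    RewriteRule ^ - [F,L]

    # Narrower variant for a site that does use K2 user pages: refuse only
    # the ID range Roberto reports (roughly 200 to 450) on the SEF path.
    # Enable it instead of the first rule above.
    # RewriteRule ^component/k2/itemlist/user/(2[0-9]{2}|3[0-9]{2}|4[0-4][0-9]|450)([^0-9]|$) - [F,L,NC]
</IfModule>
```

Swapping the F flag for G returns 410 Gone instead of 403 Forbidden. Either way, a request to one of these URLs should now be answered by Apache itself rather than by a Joomla-rendered page.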
- Roberto
- New Member
- Posts: 6
6 years 4 months ago #169556
by Roberto
Replied by Roberto on topic spammers targeting /component/k2/itemlist/user/
I agree with you only in part.
If it were not because of K2, I would not be in this situation.
The topic has been locked.
- JoomlaWorks
- Admin
- Posts: 6225
6 years 4 months ago #169557
by JoomlaWorks
Replied by JoomlaWorks on topic spammers targeting /component/k2/itemlist/user/
Spammers will always find creative ways to spread URLs. K2 does have a solution for that, unlike other extensions (e.g. Kunena - where we delete spammers EVERY day).
You don't say that K2's solution does not work. You say it causes load to your server as a side-effect. I disagree and I explained why. Your problem could be some 3rd party system plugin, did you consider that?
The topic has been locked.
- Roberto
- New Member
- Posts: 6
6 years 3 months ago #169877
by Roberto
Replied by Roberto on topic spammers targeting /component/k2/itemlist/user/
I want to share my experience because now I found the solution to my problem.
Fotis, you are right, K2 was only one of my problems and it was settled by controlling the access of users better; hackers continue trying to log in, but they are stopped.
My second problem, which was increasing I/O usage, was in my case the System Cache setting.
I changed from Progressive Caching to Conservative Caching and the result is a huge benefit; now I have very low I/O usage.
I still have a doubt about the K2 Option Parameter setting.
Please confirm again that Control K2 User Profile has to be set to DISABLED, as specified in your former note.
The program help note is not very clear and seems to lead to a different understanding.
Thanks
The topic has been locked.
- JoomlaWorks
- Admin
- Posts: 6225
6 years 3 months ago #169893
by JoomlaWorks
Replied by JoomlaWorks on topic spammers targeting /component/k2/itemlist/user/
Disabled is what you want.
The topic has been locked.