[HOTFIX] SiteBuilder sites are overloaded with spam messages on Blog/Forum/Guestbook/Registration pages


2016-11-16 12:49:10 UTC


2017-06-05 05:46:09 UTC


Applicable to:

  • Plesk Sitebuilder 4.5 for Linux


Blog/Forum/Guestbook/Registration pages of a published site are overloaded with spam messages. This causes several problems:

  • When you try to add or remove a post on the blog page, the operation does not complete and an "Error! Operation has not been completed" error appears.

  • The "Guestbook" page on the published website does not load at all: after a long wait, an "A server cannot be found" or "XML Parsing Error" error appears.


The CAPTCHA module of Parallels Plesk SiteBuilder 4.5 is part of the Blog, Forum, Guestbook, and Registration modules. It may lead to spam attacks on published websites. The existing CAPTCHA module will not be changed for several reasons:

  • There is no proof of a vulnerability in this module; on none of the checked sites is the process automated. Most likely, we are observing the results of CAPTCHA-solving teams working as described in the following article: https://krebsonsecurity.com/2012/01/virtual-sweatshops-defeat-bot-or-not-tests

  • CAPTCHA module replacement will not address the performance issue for guest books with a high number of valid records; the issue appears when the SQLite database becomes too big.

  • CAPTCHA replacement is the most expensive solution in terms of required efforts (development, testing, packaging, product update on Hosting Provider side, end-user site re-publishing), while it does not address the root cause.


Meanwhile, the only solution is to remove/clear messages in the Blog/Guestbook on problem sites manually.

The development team has provided a script that removes messages from the database.

  1. To apply the solution, download the script to the server where sites are published and extract it with the "unzip" command:

    ~# wget http://kb.parallels.com/Attachments/kcs-104/sqlite_database_truncation_script.zip
    ~# unzip sqlite_database_truncation_script.zip

  2. Find large databases using the following command:

    ~# find /PATH/TO/DOMAINS/DIRECTORY -name sb_modules.php -size +25M

    (where /PATH/TO/DOMAINS/DIRECTORY is the directory on the publishing host where virtual directories of the published sites are stored)

  3. Create a backup for the databases prior to truncation.

  4. Truncate the databases one by one by calling the provided script as shown below (where {sqlite_db} is the full path to the database in question):

    ~# php sqlite_database_truncation_script.php {sqlite_db}
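
Steps 2 and 3 can be combined so that no database is truncated without a verified copy. The script below is an added example, not part of the vendor hotfix; the function name backup_large_dbs, the file name backup_sb_dbs.sh and the backup layout are assumptions.

```shell
#!/bin/bash
# Added example, not part of the vendor hotfix: back up every oversized
# SiteBuilder module database before it is truncated (step 3).
# Assumptions: backup_large_dbs and the backup layout are hypothetical;
# DEST lies outside ROOT; paths contain no newlines.

# backup_large_dbs ROOT DEST [SIZE]
#   ROOT  directory holding the published sites (step 2)
#   DEST  backup directory; each database keeps its full path below it
#   SIZE  find(1) size test, default +25M as in step 2
# Prints each verified source path; returns non-zero if any copy failed.
backup_large_dbs() {
    local root dest size list db copy rc
    root="$1"; dest="$2"; size="${3:-+25M}"; rc=0

    mkdir -p "$dest" || return 1
    chmod 700 "$dest"    # module data may hold visitor-submitted personal data
    list=$(mktemp) || return 1

    # Build the list first so copies written during the run are never re-scanned.
    find "$root" -type f -name sb_modules.php -size "$size" > "$list" || rc=1

    while IFS= read -r db; do
        copy="$dest/${db#/}"
        # cp -p keeps mode and timestamps; cmp proves the copy is identical.
        if mkdir -p "$(dirname "$copy")" &&
           cp -p -- "$db" "$copy" &&
           cmp -s -- "$db" "$copy"; then
            printf '%s\n' "$db"
        else
            echo "backup FAILED, do not truncate: $db" >&2
            rc=1
        fi
    done < "$list"

    rm -f "$list"
    return "$rc"
}

# Run only when called with arguments, e.g. (hypothetical file name):
#   bash backup_sb_dbs.sh /PATH/TO/DOMAINS/DIRECTORY /root/sb_backup
if [ "$#" -ge 2 ]; then
    backup_large_dbs "$@"
fi
```

Each path it prints has a byte-identical copy under DEST and can then be passed to the truncation script in step 4.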

Additional information

[How to] How to remove spam messages from modules Blog/Guestbook on site manually
