Now the purpose of this article is not to "name and shame" the developers of Easy Blog, but to make some general points. If there is any shame to go round, it belongs mainly to those dodgy SEO firms who build their business around these kinds of practices, plus the customers who choose to buy their services with no questions asked. I mean, reputable websites do not sell links (at least openly), so if you buy a thousand backlinks for your site, where do you think they are coming from?

So what can be done about this?

Webmasters

Check your site configuration. If there is not a good reason why users should be able to register themselves on your site, disallow it. If you install an extension on your site, check what its default settings allow others to do on your site. Don't just install it, think, well that seems to work: it may come back to bite you.

Users of Easy Blog prior to 5.0.5 can update, or edit the ACL to disallow registered users from creating and publishing. Also use Google Webmaster to check keywords related to your site: if you find references in Polish to a certain rectangular aquatic sponge cropping up, don't say we didn't warn you.

Developers

Choose default settings that protect your users. We know that it is tempting to make everything easy to do with the defaults, because it avoids those irritating support questions from people who cannot be bothered to read the manual, but resist that urge.

Joomla

Well thankfully the defaults for Joomla no longer just any Tom, Dick or Harriet (or indeed Pedro or Nikolay) to register an account.