I have written about the Yourls system previously that allows you to host your own link shortener. I have been using it for years now and it works incredibly well.
However, when I logged in last week I noticed that it had been flooded with spam entries. I immediately changed my api key and password but neither stopped the entries. I was confused until I read this post on the Yourls blog.
I removed all the sample-*.php.txt pages and all the spam went away so I strongly suggest that you do so too. I ave looked at the latest release and those files don’t seem to be present any more so this may only apply to old versions.