Textpattern CMS support forum
You are not logged in. Register | Login | Help
- Topics: Active | Unanswered
spam, .htaccess, and txp
I’ve just got comment spammed, 260 times.
I didnt actually see my live site, but it must have been unpleasant: in every comment, there were links to skanky porn sites.
How can you quickly and easily ban IP addresses from even visiting your site, using the .htacess file?
Stuart once gave me a useful .htacess file, with a list of crappy IPs and some code that blocked them (you still here Stu? not seen you for a while).
How can you delete the content/comment listing, when you’ve got over 3 pages of crap, while maintaning the IP bans for all those comments?
And for the sake of a good cause, fellow txp.ers, here are the IPs:
81.177.15.58 medved 45 unban
2006-10-27 81.177.15.72 medved 51 unban
2006-10-27 81.177.15.85 pipetka 75 unban
2006-10-27 81.177.15.54 thomson 81 unban
2006-10-27 81.177.15.60 timoshka 87 unban
2006-10-27 81.177.15.68 nervotrepka 93 unban
2006-10-27 81.177.15.73 preved 111 unban
2006-10-27 81.177.15.63 preved 117 unban
2006-10-27 81.177.15.56 preved 120 unban
2006-10-27 81.177.15.82 thomson 129 unban
2006-10-27 81.177.15.71 kolyma 135 unban
2006-10-27 81.177.15.89 timoshka 147 unban
2006-10-27 81.177.15.61 tabletka 153 unban
2006-10-27 81.177.15.86 kartoshka 165 unban
2006-10-27 81.177.15.83 kranik 186 unban
2006-10-27 81.177.15.80 tabletka 188 unban
2006-10-27 81.177.15.67 kranik 202 unban
2006-10-27 81.177.15.59 nervotrepka 206 unban
2006-10-27 81.177.15.76 tabletka 212 unban
2006-10-27 81.177.15.69 kartoshka 218 unban
2006-10-27 81.177.15.64 tabletka 228 unban
2006-10-27 81.177.15.81 tester 236 unban
2006-10-27 81.177.15.87 medved 237 unban
2006-10-27 81.177.15.79 pipetka 246 unban
2006-10-27 81.177.15.90 medved 254 unban
2006-10-27 81.177.15.66 tabletka 260 unban
2006-10-27 81.177.15.75 kranik 284 unban
2006-07-31 218.11.207.244 Sam 26 unban
I might add that there may have been some strange hijack bullshit going on, and those IPs had been exploited. Not sure – but if anyone knows about stuff like that, I’m interested to hear. I say this, because I got links like this suggesting an Australian university:
http://cgi.cse.unsw.edu.au/~cs9242/wiki/lib/exe/fetch.php?id=cross_compiling_for_slug&cache=cache&media=wiki:buy-phentermine.html
Last edited by jameslomax (2006-10-27 20:30:26)
Offline
Re: spam, .htaccess, and txp
I haven’t disappeared entirely James. Well not yet. ;)
Using htaccess is really only one tool amongst several that can be used in combination against these brain-dead individuals. In the case you show above I would conclude that this is a single individual using multiple IP addresses which makes the htaccess route a little difficult. You could block 81.177.15 which would take care of all the variables for the fourth number set or you could do what I do which is to install 2 plug-ins. The first, mrw_spamkeywords_urlcount, allows you to block comments that contain more than a set amount of URLs. The second, asy_captcha, requires that the commenter enter a unique code which is generated when the preview button is pressed.
Last edited by thebombsite (2006-10-27 21:20:11)
Stuart
In a Time of Universal Deceit
Telling the Truth is Revolutionary.
Offline
Re: spam, .htaccess, and txp
Ah, great. Thanks Stuart – didnt know about those plug ins.
This is the first time its happened to me, and they ran another attack about an hour ago – some got through, I assume there was a lot more, so I just banned a couple more IPs. Don’t know what these annoying idiots think they’re doing, but it achieves nothing except wastes my time.
Offline
#4 2006-10-27 21:34:33
- zem
- Developer Emeritus
- From: Melbourne, Australia
- Registered: 2004-04-08
- Posts: 2,579
Re: spam, .htaccess, and txp
James,
What version of Textpattern are you using?
Textpattern’s comment page has a multi-edit control for banning and deleting many comments at once.
Alex
Offline
Re: spam, .htaccess, and txp
4.03 zem.
Is the multiple feature in there? If so, I didnt notice it.
I’ve now got this problem though: 3 pages of greyed-out comments on the admin page, which are IP-blocked, which I dont want to keep seeing. I didn’t actually delete them, because I wanted to block the suckers.
I now can’t see:
- if I still have to delete them (even though they’re no longer evident on my site)
- if so, how I can delete them, now they’re greyed out: I can’t see how you do it.
Last edited by jameslomax (2006-10-28 00:38:21)
Offline
Re: spam, .htaccess, and txp
Also: I’m still getting porn sites in my referrer logs. I think its a related problem, its using bandwidth, and I’d like to ban the suckers from even seeing my site.
How can you block IP adresses from even seeing a site?
Offline
#7 2006-10-28 01:05:41
- zem
- Developer Emeritus
- From: Melbourne, Australia
- Registered: 2004-04-08
- Posts: 2,579
Re: spam, .htaccess, and txp
I think you’ll find most of your comment problems are gone in 4.0.4.
To completely block a site you’ll need to edit .htaccess or your web server config. It’s server dependent, so ask your hosting company how.
Referrer log spam is almost impossible to block.
Last edited by zem (2006-10-28 01:07:28)
Alex
Offline
Re: spam, .htaccess, and txp
Hi James,
had the same problem which included the edu spammer too.
Fought it by using mrw_spamkeywords_urlcount and the plugin mod by Sencer here
I also installed asy_stopdude for good measure. All spam seems to have stopped since then.
Last edited by colak (2006-10-28 06:01:52)
Yiannis
——————————
NeMe | hblack.art | EMAP | A Sea change | Toolkit of Care
I do my best editing after I click on the submit button.
Offline
Re: spam, .htaccess, and txp
Thanks guys.
It seems to have stopped now with the IP bans and a few of those plug ins.
Its not difficult to nuke them, it seems, its just a bit time consuming.
However, what about this:
I’ve now got this problem : 3 pages of greyed-out comments on the admin page, which are IP-blocked, which I dont want to keep seeing. I didn’t actually delete them, because I wanted to block the suckers.
I now can’t see:
- if I still have to delete them (even though they’re no longer evident on my site)?
- if so, how I can delete them, now they’re greyed out, and also maintain the IP blocks? I can’t see how you do it.
Addendum: if you can’t do this in the interface (?), can any SQL wizards advise me on some code to insert in Rob’s run_sql plug in?
Last edited by jameslomax (2006-10-28 10:09:49)
Offline
Re: spam, .htaccess, and txp
The bans affect the IPs, it is totally irrelevant whether you keep the comments hidden, or wether you delete them.
To muti-delete comments, you have special controls at the bottom of the comment list on the admin-side, you can select all (those in view), and select delete from the dropdown.
Offline
Re: spam, .htaccess, and txp
Doh!
I’ve just worked it out. In most of those spam comments, there were very long URL links that meant there was a very long horizontal scroll bar at the bottom of the page, which meant I couldn’t see the multiple select and delete on the right of the page.
Thanks guys.
Offline
Re: spam, .htaccess, and txp
zem wrote:
I think you’ll find most of your comment problems are gone in 4.0.4.
To completely block a site you’ll need to edit .htaccess or your web server config. It’s server dependent, so ask your hosting company how.
Referrer log spam is almost impossible to block.
I want to block these porn sites from reading my pages. They keep doing this, big time, while they try to post more crappy comment spam. I’ve blocked them from doing that – ha!, losers – but I’m fed up with seeing XXXXXXX sites in my referrer logs.
Can you suggest a few lines of code I could try in my .htaccess file?
My host company are useless; they don’t provide that kind of support.
Offline