spam, .htaccess, and txp

hcgtv · 2006-11-04 19:28:41

James, try this:

RewriteEngine On
SetEnvIfNoCase Referer bikinibabes.tv spammer=yes
SetEnvIfNoCase Referer sexherbalpills.com spammer=yes

deny from env=spammer

Then just keep adding lines as you see fit.

colak · 2006-11-05 09:17:21

or

SetEnvIfNoCase Referer "^http://www.bikinibabes.tv" BadReferrer
SetEnvIfNoCase Referer "^http://www.sexherbalpills.com" BadReferrer
order deny,allow
deny from env=BadReferrer

or

RewriteEngine On
RewriteCond %{HTTP_REFERER} ^http(s)?://(www\.)?sexherbalpills.com/.*$ [NC,OR]
RewriteCond %{HTTP_REFERER} ^http(s)?://(www\.)?bikinibabes.tv/.*$ [NC,OR]
RewriteCond %{HTTP_REFERER} ^http(s)?://(www\.)?atlantis-asia.com/.*$ [NC]
RewriteRule - [R=403,L]

many options:)

jameslomax · 2006-11-05 13:23:51

Heh, looks good. Do these people actually do this as another form of spam, so you get to see their crap in your referrer logs?
Anyway, whether its that or just continuing attempts to post comments, I want to block it.

One question though:

- thats 3 different methods; is any one of them better than others, for example if there are issues about server configuation (as Zem seemed to suggest), would one of these be better than others?
(I don’t want to find, for example, I’m blocking other sites from visiting as well…..)

Addendum: oh yeah, the other thing is I want to block IP addresses, not URLs.
Will those ideas also work with IP numbers?

Last edited by jameslomax (2006-11-06 10:56:55)

jayrope · 2006-11-06 19:30:07

Colak, looking great.
How would you redirect to your own site’s start page for instance?
edit: oh by
bq. RewriteRule (.*) /mysite.com/index.php

maybe?
no that doesn’t work here…

Last edited by jayrope (2006-11-06 20:49:31)

NyteOwl · 2006-11-06 21:30:40

Addendum: oh yeah, the other thing is I want to block IP addresses, not URLs. Will those ideas also work with IP numbers?

IP’s are easy:

order deny,allow
deny from xxx.xxx.xxx.xxx
deny from xxx.xxx.xxx.xxx
deny from xxx.xxx.xxx.xxx
deny from xxx.xxx.xxx.xxx
.
.
.

Mary · 2006-11-06 21:33:03

Assuming the spammer is stupid enough to not hide/change his IP, of course. IP banning should be considered a temporary measure, helpful for when you’re getting hammered by the same IP.

jayrope · 2006-11-06 21:36:52

here’s some typical code for denying hotlinking on media files

RewriteCond %{HTTP_REFERER} ^http(s)?://(www\.)?singingfish.com/.*$ [NC,OR]
RewriteRule .*\.(mp3|jpg|gif|png|avi|mpg|wmv)$ / ®

uhm, answering my own quest i guess. thanx colak. i drew inspiration (means knowledge) from apaches 1.3 mod_rewrite docs

colak · 2006-11-07 07:53:41

NyteOwl wrote:

bq. Addendum: oh yeah, the other thing is I want to block IP addresses, not URLs. Will those ideas also work with IP numbers?

IP’s are easy:

order deny,allow
deny from xxx.xxx.xxx.xxx
deny from xxx.xxx.xxx.xxx
deny from xxx.xxx.xxx.xxx
deny from xxx.xxx.xxx.xxx
.
p. Kind of what you need is

order deny,allow
deny from xxx.xxx.xxx.xxx
deny from xxx.xxx.xxx.xxx
deny from xxx.xxx.xxx.xxx
deny from xxx.xxx.xxx.xxx
allow from all

you need the last line to define the allow conditional

@ jayrope

Just visited this thread glad you found the solution…

Last edited by colak (2006-11-07 07:54:57)

jameslomax · 2006-11-07 09:18:57

Hmm interesting.

Can I just insert that anywhere in the .htaccess code colak? Or does it need to go inside another variable/whatever? It certainly looks the simplest way of doing this……albeit, as Mary says, its probably not advisable to permanently block a series of IPs.

Ha! – losers.
We understand this stuff, we can block this stuff, you lose.

Last edited by jameslomax (2006-11-07 10:26:31)

jayrope · 2006-11-07 15:51:42

The problem with banning IPs is mostly, that you won’t grab a spammer on a dynamic IP with this.
I’m pretty sure, that spammers are aware of this and prefer dynamic IP ISPs to spread the evil.
What does the user agent information on the spammers look like? you might be able to define a rule, that denies by user agent.

Here’s an article about doing this without the use of mod_rewrite, although that doesn’t affect spammers, rather harvesters and alike

and here’s one about blocking by IP.

Last edited by jayrope (2006-11-07 16:04:09)

colak · 2006-11-07 18:16:53

There is the secondary problem with filling the htaccess with all these “denials”. For every visitor your site gets, the htaccess is loaded first so if you have a 10k htaccess and 100 legit visitors/day 1Mb of your bandwidth goes to waste. Also the speed of the site can be affected as the htaccess file gets larger. In reality spammers keep on changing their ips so keeping up with them can become a full time job. If they are comment spammers there are enough plugins here to help us strengthen the already quite strong txp comment system, if they are referrer spammers, unless they are persistent (say over 5-10 hits a day for days on end), I tend to ignore them.

jameslomax · 2006-11-18 18:39:27

Hey guys, my file’s not working.
Can anyone see whats wrong with this:

DirectoryIndex index.php index.html
Options +FollowSymLinks RewriteBase /relative/web/path/
order deny,allow
deny from 81.177.15.237
deny from 81.177.15.236
deny from 193.93.237.33
deny from 206.83.210.191
allow from all
<IfModule mod_rewrite.c> RewriteEngine On RewriteCond %{REQUEST_FILENAME} -f [OR] RewriteCond %{REQUEST_FILENAME} -d RewriteRule ^(.+) – [PT,L] RewriteRule ^(.*) index.php
</IfModule>

Textpattern CMS

Textpattern CMS support forum

#13 2006-11-04 19:28:41

Re: spam, .htaccess, and txp

#14 2006-11-05 09:17:21

Re: spam, .htaccess, and txp

#15 2006-11-05 13:23:51

Re: spam, .htaccess, and txp

#16 2006-11-06 19:30:07

Re: spam, .htaccess, and txp

#17 2006-11-06 21:30:40

Re: spam, .htaccess, and txp

#18 2006-11-06 21:33:03

Re: spam, .htaccess, and txp

#19 2006-11-06 21:36:52

Re: spam, .htaccess, and txp

#20 2006-11-07 07:53:41

Re: spam, .htaccess, and txp

#21 2006-11-07 09:18:57

Re: spam, .htaccess, and txp

#22 2006-11-07 15:51:42

Re: spam, .htaccess, and txp

#23 2006-11-07 18:16:53

Re: spam, .htaccess, and txp

#24 2006-11-18 18:39:27

Re: spam, .htaccess, and txp

Board footer