Go to main content

Textpattern CMS support forum

You are not logged in. Register | Login | Help

#13 2006-11-04 19:28:41

hcgtv
Plugin Author
From: Key Largo, Florida
Registered: 2005-11-29
Posts: 2,722
Website

Re: spam, .htaccess, and txp

James, try this:

RewriteEngine On
SetEnvIfNoCase Referer bikinibabes.tv spammer=yes
SetEnvIfNoCase Referer sexherbalpills.com spammer=yes

deny from env=spammer

Then just keep adding lines as you see fit.

Offline

#14 2006-11-05 09:17:21

colak
Admin
From: Cyprus
Registered: 2004-11-20
Posts: 9,091
Website GitHub Mastodon Twitter

Re: spam, .htaccess, and txp

or

SetEnvIfNoCase Referer "^http://www.bikinibabes.tv" BadReferrer
SetEnvIfNoCase Referer "^http://www.sexherbalpills.com" BadReferrer
order deny,allow
deny from env=BadReferrer

or

RewriteEngine On
RewriteCond %{HTTP_REFERER} ^http(s)?://(www\.)?sexherbalpills.com/.*$ [NC,OR]
RewriteCond %{HTTP_REFERER} ^http(s)?://(www\.)?bikinibabes.tv/.*$ [NC,OR]
RewriteCond %{HTTP_REFERER} ^http(s)?://(www\.)?atlantis-asia.com/.*$ [NC]
RewriteRule - [R=403,L]

many options:)


Yiannis
——————————
NeMe | hblack.art | EMAP | A Sea change | Toolkit of Care
I do my best editing after I click on the submit button.

Offline

#15 2006-11-05 13:23:51

jameslomax
Member
From: UK
Registered: 2005-05-09
Posts: 448
Website

Re: spam, .htaccess, and txp

Heh, looks good. Do these people actually do this as another form of spam, so you get to see their crap in your referrer logs?
Anyway, whether its that or just continuing attempts to post comments, I want to block it.

One question though:

- thats 3 different methods; is any one of them better than others, for example if there are issues about server configuation (as Zem seemed to suggest), would one of these be better than others?
(I don’t want to find, for example, I’m blocking other sites from visiting as well…..)

Addendum: oh yeah, the other thing is I want to block IP addresses, not URLs.
Will those ideas also work with IP numbers?

Last edited by jameslomax (2006-11-06 10:56:55)

Offline

#16 2006-11-06 19:30:07

jayrope
Plugin Author
From: Berlin
Registered: 2006-07-06
Posts: 687
Website Mastodon

Re: spam, .htaccess, and txp

Colak, looking great.
How would you redirect to your own site’s start page for instance?
edit: oh by
bq. RewriteRule (.*) /mysite.com/index.php

maybe?
no that doesn’t work here…

Last edited by jayrope (2006-11-06 20:49:31)


A hole turned upside down is a dome, when there’s also gravity.

Offline

#17 2006-11-06 21:30:40

NyteOwl
Member
From: Nova Scotia, Canada
Registered: 2005-09-24
Posts: 539

Re: spam, .htaccess, and txp

Addendum: oh yeah, the other thing is I want to block IP addresses, not URLs. Will those ideas also work with IP numbers?

IP’s are easy:

order deny,allow
deny from xxx.xxx.xxx.xxx
deny from xxx.xxx.xxx.xxx
deny from xxx.xxx.xxx.xxx
deny from xxx.xxx.xxx.xxx
.
.
.


Obsolescence is just a lack of imagination. / 36-bits Forever! / #include <disclaimer.h>;

Offline

#18 2006-11-06 21:33:03

Mary
Sock Enthusiast
Registered: 2004-06-27
Posts: 6,236

Re: spam, .htaccess, and txp

Assuming the spammer is stupid enough to not hide/change his IP, of course. IP banning should be considered a temporary measure, helpful for when you’re getting hammered by the same IP.

Offline

#19 2006-11-06 21:36:52

jayrope
Plugin Author
From: Berlin
Registered: 2006-07-06
Posts: 687
Website Mastodon

Re: spam, .htaccess, and txp

here’s some typical code for denying hotlinking on media files

RewriteCond %{HTTP_REFERER} ^http(s)?://(www\.)?singingfish.com/.*$ [NC,OR]
RewriteRule .*\.(mp3|jpg|gif|png|avi|mpg|wmv)$ / ®

uhm, answering my own quest i guess. thanx colak. i drew inspiration (means knowledge) from apaches 1.3 mod_rewrite docs


A hole turned upside down is a dome, when there’s also gravity.

Offline

#20 2006-11-07 07:53:41

colak
Admin
From: Cyprus
Registered: 2004-11-20
Posts: 9,091
Website GitHub Mastodon Twitter

Re: spam, .htaccess, and txp

NyteOwl wrote:

bq. Addendum: oh yeah, the other thing is I want to block IP addresses, not URLs. Will those ideas also work with IP numbers?

IP’s are easy:

order deny,allow
deny from xxx.xxx.xxx.xxx
deny from xxx.xxx.xxx.xxx
deny from xxx.xxx.xxx.xxx
deny from xxx.xxx.xxx.xxx
.
p. Kind of what you need is

order deny,allow
deny from xxx.xxx.xxx.xxx
deny from xxx.xxx.xxx.xxx
deny from xxx.xxx.xxx.xxx
deny from xxx.xxx.xxx.xxx
allow from all

you need the last line to define the allow conditional

@ jayrope

Just visited this thread glad you found the solution…

Last edited by colak (2006-11-07 07:54:57)


Yiannis
——————————
NeMe | hblack.art | EMAP | A Sea change | Toolkit of Care
I do my best editing after I click on the submit button.

Offline

#21 2006-11-07 09:18:57

jameslomax
Member
From: UK
Registered: 2005-05-09
Posts: 448
Website

Re: spam, .htaccess, and txp

Hmm interesting.

Can I just insert that anywhere in the .htaccess code colak? Or does it need to go inside another variable/whatever? It certainly looks the simplest way of doing this……albeit, as Mary says, its probably not advisable to permanently block a series of IPs.

Ha! – losers.
We understand this stuff, we can block this stuff, you lose.

Last edited by jameslomax (2006-11-07 10:26:31)

Offline

#22 2006-11-07 15:51:42

jayrope
Plugin Author
From: Berlin
Registered: 2006-07-06
Posts: 687
Website Mastodon

Re: spam, .htaccess, and txp

The problem with banning IPs is mostly, that you won’t grab a spammer on a dynamic IP with this.
I’m pretty sure, that spammers are aware of this and prefer dynamic IP ISPs to spread the evil.
What does the user agent information on the spammers look like? you might be able to define a rule, that denies by user agent.

Here’s an article about doing this without the use of mod_rewrite, although that doesn’t affect spammers, rather harvesters and alike

and here’s one about blocking by IP.

Last edited by jayrope (2006-11-07 16:04:09)


A hole turned upside down is a dome, when there’s also gravity.

Offline

#23 2006-11-07 18:16:53

colak
Admin
From: Cyprus
Registered: 2004-11-20
Posts: 9,091
Website GitHub Mastodon Twitter

Re: spam, .htaccess, and txp

There is the secondary problem with filling the htaccess with all these “denials”. For every visitor your site gets, the htaccess is loaded first so if you have a 10k htaccess and 100 legit visitors/day 1Mb of your bandwidth goes to waste. Also the speed of the site can be affected as the htaccess file gets larger. In reality spammers keep on changing their ips so keeping up with them can become a full time job. If they are comment spammers there are enough plugins here to help us strengthen the already quite strong txp comment system, if they are referrer spammers, unless they are persistent (say over 5-10 hits a day for days on end), I tend to ignore them.


Yiannis
——————————
NeMe | hblack.art | EMAP | A Sea change | Toolkit of Care
I do my best editing after I click on the submit button.

Offline

#24 2006-11-18 18:39:27

jameslomax
Member
From: UK
Registered: 2005-05-09
Posts: 448
Website

Re: spam, .htaccess, and txp

Hey guys, my file’s not working.
Can anyone see whats wrong with this:

DirectoryIndex index.php index.html
Options +FollowSymLinks RewriteBase /relative/web/path/
order deny,allow
deny from 81.177.15.237
deny from 81.177.15.236
deny from 193.93.237.33
deny from 206.83.210.191
allow from all
<IfModule mod_rewrite.c> RewriteEngine On RewriteCond %{REQUEST_FILENAME} -f [OR] RewriteCond %{REQUEST_FILENAME} -d RewriteRule ^(.+) – [PT,L] RewriteRule ^(.*) index.php
</IfModule>

Offline

Board footer

Powered by FluxBB