Go to main content

Textpattern CMS support forum

You are not logged in. Register | Login | Help

#25 2006-11-22 12:29:12

jayrope
Plugin Author
From: Berlin
Registered: 2006-07-06
Posts: 687
Website Mastodon

Re: spam, .htaccess, and txp

sorry james, i can’t help you on above question intuitively, maybe you can try the apache help docs on mod_rewrite.

on another note i found this incredibly helpful tutorial on how to built an automated trap for bots that don’t respect the robots.txt file.

it also contains a package on automating insertion of such bots into your .htaccess file, but nevertheless one should keep in mind, that this file probably into something huge pretty fast, which will increase bandwidth used on a server per user significantly then. nevertheless i thougt you migth be interested.

Last edited by jayrope (2006-11-22 12:31:28)


A hole turned upside down is a dome, when there’s also gravity.

Offline

#26 2006-11-22 15:18:11

Alex McKee
Member
From: Gloucester, UK
Registered: 2005-12-17
Posts: 59
Website

Re: spam, .htaccess, and txp

Nice link Jayrope. Cheers.

James, I’ve been suffering the same problem. It’s a pain isn’t it. :(

Offline

#27 2006-11-28 20:10:46

jameslomax
Member
From: UK
Registered: 2005-05-09
Posts: 448
Website

Re: spam, .htaccess, and txp

colak wrote:

NyteOwl wrote:

bq. Addendum: oh yeah, the other thing is I want to block IP addresses, not URLs. Will those ideas also work with IP numbers?

IP’s are easy:

order deny,allow
deny from xxx.xxx.xxx.xxx
deny from xxx.xxx.xxx.xxx
deny from xxx.xxx.xxx.xxx
deny from xxx.xxx.xxx.xxx
.
p. Kind of what you need is

order deny,allow
deny from xxx.xxx.xxx.xxx
deny from xxx.xxx.xxx.xxx
deny from xxx.xxx.xxx.xxx
deny from xxx.xxx.xxx.xxx
allow from all

you need the last line to define the allow conditional

……………As far As I can tell (see my posted code), this is what I did but its not working…..

Offline

#28 2006-11-29 07:41:10

colak
Admin
From: Cyprus
Registered: 2004-11-20
Posts: 9,090
Website GitHub Mastodon Twitter

Re: spam, .htaccess, and txp

jameslomax wrote:

……………As far As I can tell (see my posted code), this is what I did but its not working…..

This is very strange… May I ask who is your host?


Yiannis
——————————
NeMe | hblack.art | EMAP | A Sea change | Toolkit of Care
I do my best editing after I click on the submit button.

Offline

#29 2006-12-02 01:13:17

marios
Archived Plugin Author
Registered: 2005-03-12
Posts: 1,253

Re: spam, .htaccess, and txp

@Colak,
One question, If you allow me:

I found the following refferrrs in my logs. recently:

http://www.google.com/custom?q=lego+play&hl=en&lr=&safe=off&client=pub-2456819124576563&cof=FORID:1%3BL:www2.incredimail.com/images/google_h_p/envelope_38_30.gif%3BLH:30%3BLW:38%3BLP:1%3BVLC:%23551a8b%3BALC:%23ff0000%3BGFNT:%237777cc%3BGIMP:%23a90a08%3BDIV:%23f4f4f4%3BS:mystart.incredimail.com/english%3B&start=50&sa=N.

From this domain:

cable.ubr03.glen.blueyonder.co.uk

They seem to steel Keyword traffic from my Site.

How can I get rid of them without changing the permlink locations ?

Last edited by marios (2006-12-02 01:19:12)


⌃ ⇧ < ⌃ ⇧ >

Offline

#30 2006-12-02 07:37:36

colak
Admin
From: Cyprus
Registered: 2004-11-20
Posts: 9,090
Website GitHub Mastodon Twitter

Re: spam, .htaccess, and txp

hi marios
I am deducing these from my observations of friends living in the uk visiting my sites
blueyonder is one of the main isps in the uk and cable.ubr03.glen.blueyonder.co.uk seems that it is just one user whose account name in blueyonder is glen whom you can block deny from cable.ubr03.glen.blueyonder.co.uk.

the refferer is is really from http://mystart.incredimail.com/english/ which might be the guilty site – see http://www.incredimail.com. which you can block too…

looking back ‘glen’ might be ok and incredimail seems that is the spammer.

What I would do is block incredimail…

RewriteEngine On
RewriteCond %{HTTP_REFERER} ^http(s)?://(www\.)?incredimail.com/.*$ [NC]
RewriteRule - [R=403,L]

Once the spammer is blocked, I would just submit a sitemap to google and wait…


Yiannis
——————————
NeMe | hblack.art | EMAP | A Sea change | Toolkit of Care
I do my best editing after I click on the submit button.

Offline

#31 2006-12-02 12:37:15

marios
Archived Plugin Author
Registered: 2005-03-12
Posts: 1,253

Re: spam, .htaccess, and txp

@Thanks, colak

What perplexes me with this, is that the Google page, that loads, doesn’t seem to be a real Google page, and then it doesn’t look like a 301 page-hijack either, since the result URL (my Page) links back to my Site normally.

When I look at the page source, I also see these strange URL parts:

www2.incredimail.com/images/google_h_p/envelope_38_30.gif

regards, marios


⌃ ⇧ < ⌃ ⇧ >

Offline

#32 2006-12-03 07:14:50

colak
Admin
From: Cyprus
Registered: 2004-11-20
Posts: 9,090
Website GitHub Mastodon Twitter

Re: spam, .htaccess, and txp

marios wrote:

When I look at the page source, I also see these strange URL parts:

www2.incredimail.com/images/google_h_p/envelope_38_30.gif

I saw that too. It is their logo on the top left…


Yiannis
——————————
NeMe | hblack.art | EMAP | A Sea change | Toolkit of Care
I do my best editing after I click on the submit button.

Offline

#33 2006-12-03 18:48:25

colak
Admin
From: Cyprus
Registered: 2004-11-20
Posts: 9,090
Website GitHub Mastodon Twitter

Re: spam, .htaccess, and txp

My wife’s site is recently showing this in the New Resources:
http://hblack.net/hblack//index.php?page=http://207.226.250.183/tool25.gif?
ok… hblack.net/hblack/ is her site but the rest of the url is unknown to me…
Does anyone have any idea? is this a hacking attempt? is it just a mistyped url?


Yiannis
——————————
NeMe | hblack.art | EMAP | A Sea change | Toolkit of Care
I do my best editing after I click on the submit button.

Offline

#34 2006-12-03 19:36:52

NyteOwl
Member
From: Nova Scotia, Canada
Registered: 2005-09-24
Posts: 539

Re: spam, .htaccess, and txp

Incredimail is insidious – they track everymail that uses their system, included when and if it’s read by the recipient (if you have html mail enabled)


Obsolescence is just a lack of imagination. / 36-bits Forever! / #include <disclaimer.h>;

Offline

#35 2006-12-07 22:04:35

jameslomax
Member
From: UK
Registered: 2005-05-09
Posts: 448
Website

Re: spam, .htaccess, and txp

colak wrote:

jameslomax wrote:

……………As far As I can tell (see my posted code), this is what I did but its not working…..
This is very strange… May I ask who is your host?

Sure.
Its these guys:

http://www.qiq.co.uk/

Who use these guys http://www.heartinternet.co.uk/

Any ideas colak?

Offline

#36 2006-12-08 15:57:31

colak
Admin
From: Cyprus
Registered: 2004-11-20
Posts: 9,090
Website GitHub Mastodon Twitter

Re: spam, .htaccess, and txp

jameslomax wrote:

Any ideas colak?

I would try different methods…

1.

<Files *>
Order Deny,Allow
Deny from domain1.com
Deny from domain2.it
Deny from domain3.com
Deny from domain4.net
Deny from domain5.de
Allow from all
</Files>

or

2.

SetEnvIf Referer domain1\.com ban
SetEnvIf Remote_Host domain2\.com ban
<Files *>
Order Deny,Allow
Deny from env=ban
Allow from env=allowit
</Files>

or 3 .htaccess

RewriteMap  deflector txt:/path/to/deflector.map
RewriteCond %{HTTP_REFERER} !=""
RewriteCond ${deflector:%{HTTP_REFERER}} ^-$
RewriteRule ^.* %{HTTP_REFERER} [R,L]
RewriteCond %{HTTP_REFERER} !=""
RewriteCond ${deflector:%{HTTP_REFERER}|NOT-FOUND} !=NOT-FOUND
RewriteRule ^.* ${deflector:%{HTTP_REFERER}} [R,L]

in conjunction with a corresponding rewrite map:

##
##  deflector.map
##

http://www.domain.com/   -
http://www.domain2.com -
http://www.domain3.com/   http://somewhere.com/

Last edited by colak (2006-12-08 15:58:32)


Yiannis
——————————
NeMe | hblack.art | EMAP | A Sea change | Toolkit of Care
I do my best editing after I click on the submit button.

Offline

Board footer

Powered by FluxBB