[wp-hackers] Trackback Spam

Allen Parker infowolfe at gmail.com
Tue Feb 1 14:31:19 GMT 2005


On Tue, 1 Feb 2005 05:23:41 -0900, Allen Parker <infowolfe at gmail.com> wrote:
<snip>
forgot to add, sorry for the top post, very tired, ALSO... since this
uses header(location: xyz.php); it *does not* mess with site
statistics/logs. everything shows like it should in your stats
programs....

also, a 403 (forbidden) message would probably be the kindest way to
tell these punters to go somewhere else, if you want to be more rude,
feel free... a quick idea:

$$: tarpit1.php :$$
<?php
sleep(10);
header("location: tarpit2.php");
?>
$$: tarpit2.php :$$
<?php
sleep(10);
header("location: tarpit1.php");
?>

include a common counter per ip/sessionid, whatever, and you'd have a
very effective way of keeping these kinds of people occupied with very
little bandwidth penalty on your end. you'd definately want to keep
the sleep below 30 seconds, as i'm not exactly sure if that'd trigger
a http/1.0 client's timeout ;-)
make them pass through  30 rotations and you've wasted 5 minutes of
their machine's time... fight fire with tar ;-)


-- 
________________________________________
To avoid being added to my spam filter:
1. Utilize list replies unless otherwise requested.
2. If you DO send me a personal email, use english.
3. HTML isn't cute. It belongs on the web, not in my inbox.


More information about the hackers mailing list