[wp-hackers] Another anti-spam technique

Kitty kitty at mookitty.co.uk
Thu Oct 28 23:14:24 UTC 2004


On Thu, 2004-10-28 at 13:52, John Watson wrote:
> That's not to say this isn't worth doing.  It IS worth it because it
> will reduce your spam *for now*.

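I've added the following to the top of wp-comments-post.php:

// Bounce any comment POST whose Referer header does not contain this site's URL.
// A missing Referer is treated as an empty string, so it is bounced as well.
$referer = isset( $_SERVER['HTTP_REFERER'] ) ? $_SERVER['HTTP_REFERER'] : '';
if( FALSE === strpos( $referer, get_settings('siteurl') ) ) {
	header("Location: http://www.google.co.uk");
	die;
}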

It's a quick fix, because I was being attacked by a spam botnet, mainly
to find out what I was up against. It seems that the bot was spamming
via direct access, but when I added the above, it turned out that it was
screen scraping. I wound up using my spam-words plugin to gather IP
addresses. There was so much variance in IPs it was hard to compile a
list of IPs to block. I wound up with a useful list, after dropping the
last quad to put into .htaccess. That's stopped 99% of that particular
spammer.

I think I'm going to work on a plugin that adds IPs to the deny list.
-- 
Cheers,		     Blog: http://blog.mookitty.co.uk
Kitty		     PC Repair: http://www.girltech.net
		     WP Plugins: http://mookitty.co.uk/devblog
Support proactive security: http://www.openbsd.org/orders.html
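
Added example (not part of the original post and not code from any WordPress plugin): one way to do the "dropping the last quad" step described in the message, collapsing logged spammer addresses into /24 ranges and emitting Apache 2.2-style deny lines for .htaccess. The sample addresses, the function names and the min_distinct threshold are assumptions made for illustration.

```python
import ipaddress
from collections import defaultdict

# Constructed sample data: addresses a spam filter might have logged.
# All are from documentation ranges; one entry is deliberately malformed.
SAMPLE_SPAM_IPS = [
    "192.0.2.14", "192.0.2.77", "192.0.2.201", "192.0.2.14",
    "198.51.100.5", "198.51.100.92",
    "203.0.113.40",
    "not-an-ip",
]

def collapse_to_slash24(ips, min_distinct=2):
    """Group IPv4 addresses by their first three octets and return the /24
    networks in which at least `min_distinct` different addresses were seen.
    The threshold (an assumption of this example) keeps a single stray hit
    from blocking 256 addresses."""
    seen = defaultdict(set)
    for raw in ips:
        try:
            addr = ipaddress.IPv4Address(raw.strip())
        except ipaddress.AddressValueError:
            continue  # skip malformed log entries
        net = ipaddress.ip_network(f"{addr}/24", strict=False)
        seen[net].add(addr)
    return sorted(net for net, addrs in seen.items() if len(addrs) >= min_distinct)

def htaccess_deny_block(networks):
    """Render the networks as Apache 2.2 mod_authz_host directives."""
    lines = ["Order Allow,Deny", "Allow from all"]
    lines += [f"Deny from {net}" for net in networks]
    return "\n".join(lines)

if __name__ == "__main__":
    print(htaccess_deny_block(collapse_to_slash24(SAMPLE_SPAM_IPS)))
```

On Apache 2.4 the same ranges would be expressed with `Require not ip <network>` inside a `<RequireAll>` block instead of `Deny from`.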