Tag Archive for: .htaccess

Quickly Dealing with Website Spam Bots

If you look at the image to the right, one of the community-based sites I’m involved with was seeing a higher than normal user count for this time of the morning, which probably meant that it was being attacked by users or, most likely, spam bots.

Looking through the IP addresses, there was a common theme: the IP ranges 180.76.6.* and 180.76.5.*, which are located in China (we have no users in China; see here for a lookup tool).

Now that’s pretty easy to solve crudely using a .htaccess file, regex and Apache rewrite rules.

Because I want to cover two subnets, I’ve written two rules. They are simply:

#180.76.6.* and .5
RewriteCond %{REMOTE_ADDR} ^180\.76\.5\.
RewriteRule .* http://www.google.com [R,L]

RewriteCond %{REMOTE_ADDR} ^180\.76\.6\.
RewriteRule .* http://www.google.com [R,L]

If you want to block just a single address, you need a slightly different rule:

RewriteCond %{REMOTE_ADDR} ^180\.76\.6\.183$
RewriteRule .* http://www.google.com [R,L]

This won’t stop their current connection, but as soon as the user agent reloads or navigates to another page they’ll be sent, in this example, to google.com instead (although I can assure you they are not being redirected to Google in the live version of this).

When coping with a siege like this one, speed is of the essence. This is a quick and dirty way of dealing with them, and also highly amusing, as you choose where they are redirected to (but for goodness’ sake, make sure you check this works with your IP or IP range first!).
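One way to do that check before uploading the file, as an added example that is not part of the original post: it pulls the REMOTE_ADDR patterns out of .htaccess text and counts which addresses in 180.76.0.0/16 they really match, compared with the subnets you meant to block. The helper names, the sloppy comparison pattern and the 203.0.113.10 placeholder are constructed for illustration, and it assumes Python's regex engine treats these simple patterns the same way Apache's does.

```python
import ipaddress
import re

# Constructed input: the two subnet rules from the post, plus one sloppy
# pattern (unescaped dots, no trailing "\.") made up for comparison.
HTACCESS = r"""
RewriteCond %{REMOTE_ADDR} ^180\.76\.5\.
RewriteRule .* http://www.google.com [R,L]
RewriteCond %{REMOTE_ADDR} ^180\.76\.6\.
RewriteRule .* http://www.google.com [R,L]
"""
SLOPPY = r"RewriteCond %{REMOTE_ADDR} ^180.76.5"

COND = re.compile(r"^\s*RewriteCond\s+%\{REMOTE_ADDR\}\s+(\S+)", re.M)


def remote_addr_patterns(text):
    """Compile every REMOTE_ADDR pattern found in .htaccess text."""
    return [re.compile(p) for p in COND.findall(text)]


def is_blocked(ip, patterns):
    # RewriteCond patterns are unanchored unless they use ^ or $, so search().
    return any(p.search(ip) for p in patterns)


def audit(patterns, intended, search_space, must_allow=()):
    """Return (overblocked, missed, locked_out) for the given patterns.

    overblocked: addresses in search_space matched but outside `intended`
    missed:      addresses inside `intended` that no pattern matches
    locked_out:  must_allow addresses that would be redirected
    """
    nets = [ipaddress.ip_network(n) for n in intended]
    over = missed = 0
    for addr in ipaddress.ip_network(search_space):
        wanted = any(addr in n for n in nets)
        hit = is_blocked(str(addr), patterns)
        over += hit and not wanted
        missed += wanted and not hit
    locked = [ip for ip in must_allow if is_blocked(ip, patterns)]
    return over, missed, locked


if __name__ == "__main__":
    mine = ["203.0.113.10"]  # placeholder: put your own address here
    good = remote_addr_patterns(HTACCESS)
    print(audit(good, ["180.76.5.0/24", "180.76.6.0/24"], "180.76.0.0/16", mine))
    print(audit(remote_addr_patterns(SLOPPY), ["180.76.5.0/24"], "180.76.0.0/16", mine))
```

For the sloppy pattern the audit reports 2560 overblocked addresses (180.76.50.* to 180.76.59.*), which is exactly what the trailing `\.` in the rules above prevents.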

Ideally, configuring a firewall to stop them before they even hit the site would be more suitable, along with a few other methods of identifying them without being alerted to the attack in the first place.

Dealing with WordPress Spam Comments – Two Viable Solutions

Leaving Akismet, which will capture almost all comment spam, out of the conversation, you may feel that there is little you can do to stop the waves of WordPress spam comments from being left.

Yes, you could add a CAPTCHA to the comments box, and there are several WordPress plugins that do this, but being a geek I prefer more server-based options. Here are two of my favourites, both with the same effect.


.htaccess Redirects

This is the simpler of the two. I have used this for years for keeping banned players out of our community websites. In the example below I am replacing the site with google.com, but it could readily be any site you want; http://yougotrickrolled.com/ is always a good one. I’ll leave the destination to your own selection.

If your hosting provider has enabled .htaccess (or you have enabled it in your Apache config, where it is on by default), then this is a simple but effective way of redirecting spammers:

RewriteCond %{REMOTE_ADDR} ^188\.143\.232\.39$
RewriteRule .* http://www.google.com [R,L]

This adds a RewriteCond for the IP address and then, using RewriteRule, sends them to your chosen destination. Most amusing.

httpd.conf Edits

This is favoured when working in a development environment to restrict a site to specific IP addresses, but it easily works in reverse to keep out entire subnets. After an unfortunate experience with an Indian development company I needed to block four subnets, and this worked wonderfully well.


order deny,allow
deny from 125.111.67.240
deny from 122.169

This works by selectively denying either specific IP addresses, as in the first deny line, or entire subnets.

If you are working in a development environment and, say, your IP was ‘125.111.67.240’, then you could deny everyone else and allow yourself through using:


order deny,allow
deny from All
allow from 125.111.67.240

Enjoy.