Printer Friendly Version
Email this thread to a friend
|
Need potential reciprocal link partners. (In: General Search Engine Optimization)
Featured Web Site Template |
|
There are 0 guests and 2 members in the forums right now.
Reflects user activity within the last 5 minutes
|
|
| Member |
Message |
vanachte
Joined: Feb 10, 2004
# Posts: 405
|
Posted: 2007-Feb-23 18:59
Okay, so yes, I do still have a couple sites that have recip link "add url" pages. I find that they still provide the occasional valuable relelvant recip link.
Now I am working to drastically reduce the SPAM submissions I get. Here is what I did:
I started by adding a PHP random # to use as a verification code and compared that # with the # entered by the user when the form is processed. This works beautifully and invalid verification directs users to an "Error No Bots" type page on my site, and the SPAM Form submission emails stop. (so far none of these has made it through).
Now when looking at my log files I see a TON of traffic getting to the "Error No Bots" page. I dont want to see bandwidth wasted (as it also effects my visitor site stats), so now I still direct them to that page, but I also have an email sent to me with their IP, in an attempt to block the offending IP's and countries right in the .htaccess.
It all sounds simple enough so far, but here is where the confusion comes in.
When these users fill in and submit the form, I grab the IP at two different points. Once from the form itself, and once from the processing PHP page. Quite often I get two entirely different IPs!! (telling me that they are using some kind of rotating proxy perhaps?)
If this is the case, are these IP's I am seeing worth blocking? If its through a proxy, perhaps blocking the full IP MAY help, but blocking the range could block valuable traffic for no reason.
So HELP? Where to go from here? Is there a way I can block these guys entirely? What IP ranges / Countries do you typically block use from?
Any comments are appreciated.
[ Message was edited by: bhartzer 02/23/2007 01:13 pm ]
|
 |
windharp
Joined: Mar 11, 2002
# Posts: 513
|
Posted: 2007-Feb-23 19:02
In one of the directories I participate in, the spam-bots (or maybe the one mose annoying spambot, there is no way to find out if it is just one or many) use random fake IPs. We know because some of those bots hand in hundreds of spams in one go, using hundreds of different IPs which are distributed all around the world. Examination of a large number of those IPs has shown that they do not repeat (or at least not in any systematical way).
In those cases, blocking IPs is useless.
|
|
vanachte
Joined: Feb 10, 2004
# Posts: 405
|
Posted: 2007-Feb-23 19:05
Wow, quick reply - thanks.
So essentially I should just suffer with the bandwidth issue and continue directing them to an error page? Have you found any way at all to ban spammers?
I wonder if there is a way to get around the fake IP and see the TRUE IP... or perhaps gather MAC addresses? Is it possible to see and capture a mac address, then block it with the .htaccess?
|
|
Dinkar
Staff
Joined: Aug 12, 2001
# Posts: 4391
|
Posted: 2007-Feb-23 20:34
Block them using their 'user agent' string. I found it effective to block spam bots.
|
|
vanachte
Joined: Feb 10, 2004
# Posts: 405
|
Posted: 2007-Feb-28 00:49
How do you deny in the .htaccess based on user agent? is it as simply as "deny from xx.xx.xx.xx"
|
|
windharp
Joined: Mar 11, 2002
# Posts: 513
|
Posted: 2007-Mar-13 17:03
Sorry for being excessively late, but I somehow missed your answer.
I wonder if there is a way to get around the fake IP and see the TRUE IP
No, because those bots do not intend to do any bidirectional communication. In one place I ended up implementing a ticket ID service (you like you did), in the other place we have no access to the software.
as it also effects my visitor site stats
Thought about removing that specific page from your stats? All programs I know allow you to configure lots of excluded URLs. Of course the hits to your submission script will still be in there, filtering them takes more than that...
Apart from making the "Error No Bots" page as small as possible, I don't think there is much you can do to limit your traffic load. Maybe renaming your submission script periodically could help, but that of course causes other problems.
Btw: You didn't make the mistake to name your script "submit.*" or "feedback.*" or something similiar? On my private domains I regularly spot attempts to submit to such scripts...
Regarding your .htaccess question: This should be easy to answer with google. I found this:
SetEnvIfNoCase User-Agent "IzyNews/1.0" leecher=yes
order deny,allow
deny from env=leecher
Don't know if it works though.
|
|
You are not permitted to post messages in this forum or topic, because of one or more of the following reasons:
- You have not yet logged in, or registered properly as a member
- You are a member, but no longer have posting rights.
- This is a private forum, for which you do not have permissions.
If you are a recent member, it's possible that you simply have not yet confirmed your account. Please
check your email for a message entitled 'JimWorld Forums: Confirm Your Account' and follow the instructions
contained within.
If you cannot find this message, click here to Re-Send it.
|
If you are still experiencing problem, please read the
Login Assistance
Article for some advice on what may be causing your login not to work properly.
|
Switch to Advanced Editor and ...
Create a New Topic
or Reply to this Thread
|
|
Inbox
