Message Board

Tracking Harvesters/Spammers

Older Posts ]   [ Newer Posts ]
 Comment Spammers..found a way to stop them
Author: L.Huston   (17 Dec 08 12:14pm)
My website has been for the past few months getting pounded by spammers who have used my own contact page to send ...what else spam to porn sites and what have ya. Since I use a special tool to make forms on my Joomla based site I have been unable to place a Captcha on the form as every time I try it breaks the form. I am happy that the newest version of Joomla-1.5 has a Honeypot Module that uses the database here to block spammers.

So in an effort to see how this was being done I made a hidden part of the form that captures the IP and user agents....A disturbing trend was noticed fairly quickly. They were ALL fake user agents, and were proxy servers. Virtually every IP (over 200) were already listed here as spam sources. The next step was to add to my server a script that I found that detects open proxies and prevents them from accessing my site. Since implementing last week I have only had one person use my contact page to send spam, and it was manually done.

After seeing how that script worked, it was easy enough to make an htaccess script to perform the same basic functions. I still use the script method as it collects data that I am thinking may be useful for legal actions.

The full script can be found here.

Please Note: This mod below also blocks Google translation and AOL users. You can remove the first two blocks to allow them, but don't expect it to work as well.

#-Prevent proxy access
RewriteEngine on
RewriteCond %{HTTP:VIA} !^$ [OR]
RewriteCond %{HTTP:FORWARDED} !^$ [OR]
RewriteCond %{HTTP:USERAGENT_VIA} !^$ [OR]
RewriteCond %{HTTP:X_FORWARDED_FOR} !^$ [OR]
RewriteCond %{HTTP:HTTP_PC_REMOTE_ADDR} !^$ [OR]
RewriteCond %{HTTP:HTTP_CLIENT_IP} !^$
RewriteRule .* - [F]
 Re: Comment Spammers..found a way to stop them
Author: A.E4   (31 Mar 09 3:40am)
is RewriteCond %{HTTP:VIA} !^$ [OR] = Google Translation and
RewriteCond %{HTTP:FORWARDED} !^$ [OR] = AOL users?

I am a noob and don't understand but it sounded interesting.

do not follow this link

Privacy Policy | Terms of Use | About Project Honey Pot | FAQ | Cloudflare Site Protection | Contact Us

Copyright © 2004–18, Unspam Technologies, Inc. All rights reserved.

contact | wiki | email