Blocking trackback spammers - Linux-Noob Forums (https://www.linux-noob.com/forums), Security and Firewalls forum
Blocking trackback spammers - hybrid - 2007-08-10

I run my own CentOS 5-based web server which powers my website among a couple of others. I have a WordPress blog which attracts quite a lot of comment and, more recently, trackback spam. I use the Akismet service, so it rarely ever gets through, but I'm finding from my server logs that I'm getting hit quite frequently by spammers giving it a try, sometimes every few seconds for several minutes at a time. Sitting there tail -f'ing the access_log when they do this, it becomes apparent they're knocking on the door quite frequently.

I'd like to be able to implement some solution to block IPs if they attempt to do more than a few trackbacks in a certain amount of time. I'm running the latest version of Apache 2.2 in the CentOS 5 repositories.

Here's an example from /var/log/httpd/access_log of the kind of thing I mean:

Code:
72.232.150.250 - - [10/Aug/2007:07:26:10 +0100] "POST /blog/2007/01/10/wpget-a-question-to-all-users/trackback/ HTTP/1.0" 302 338 "http://peter.upfold.org.uk/blog/2007/01/10/wpget-a-question-to-all-users/trackback" "TrackBack/1.02"

There are a few factors that might help in determining rules to implement:
Thanks guys in advance. :)

Blocking trackback spammers - znx - 2007-08-12

Ban by the USER AGENT, it has to be the best way. In an .htaccess file at the DocumentRoot level, place:

Code:
SetEnvIfNoCase User-Agent "^TrackBack" trackback

You can do <Limit GET POST HEAD> if they use GET and HEAD as well.

Oh wait though, do you want to only ban those that are constantly knocking on your door?

Blocking trackback spammers - hybrid - 2007-08-12

Yeah, I could disable trackbacks entirely from WP and I guess they would all give up eventually if it kept 404'ing. There are still legitimate trackbacks I want to allow, so I want to prevent people who are doing it too much, without disabling it entirely.

I imagine that would be more complex to do... :)

Blocking trackback spammers - znx - 2007-08-13

Quote: I imagine that would be more complex to do... :)

Well, the only way to do that would be to include some code inside the trackback code that does some sort of simple check against what came before. Checking for things like: that IP just gave me something, that URL has just been fed to me before, that URL has arrived too close to another trackback that just occurred.

Maybe what you could do is go the whole hog and produce an administration section that lets you vet the trackbacks, OK'ing them in your own time.

I don't think there is a directly easy solution. Checking around the web I see some WordPress solutions:

http://blog.mytechaid.com/archives/2005/03...-spam-solution/ ?
http://www.optiniche.com/blog/117/wordpres...kback-tutorial/ <-- how it works, maybe to assist with writing your own solution.

Blocking trackback spammers - hybrid - 2007-08-15

Thanks for the links and the help znx. :) I will take a look and report back here if I have any success.
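The rate check asked for in the first post (flag an IP that attempts more than a few trackbacks in a set time), as an added example that is not part of the thread: it reads Apache access_log lines and reports clients that exceed a sliding-window limit on trackback POSTs. The function names, the threshold of 3 hits per 60 seconds and the sample log lines (documentation-range addresses) are assumptions constructed for illustration.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Apache common/combined log prefix: client IP, timestamp, method, path.
LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "(\S+) (\S+)[^"]*"')

def trackback_offenders(lines, max_hits=3, window=timedelta(seconds=60)):
    """Return {ip: time the limit was first exceeded} for clients sending
    more than max_hits trackback POSTs inside any sliding window."""
    recent = defaultdict(deque)   # ip -> timestamps still inside the window
    offenders = {}
    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            continue              # skip malformed or truncated lines
        ip, stamp, method, path = m.groups()
        path = path.split("?", 1)[0].rstrip("/")
        if method != "POST" or not path.endswith("/trackback"):
            continue              # legitimate page views are never counted
        when = datetime.strptime(stamp, "%d/%b/%Y:%H:%M:%S %z")
        hits = recent[ip]
        hits.append(when)
        while when - hits[0] > window:
            hits.popleft()        # drop hits that aged out of the window
        if len(hits) > max_hits and ip not in offenders:
            offenders[ip] = when
    return offenders

def sample_line(ip, hms, method="POST", path="/blog/2007/01/10/a-post/trackback/"):
    # Constructed log line in the same layout as the one quoted in the thread.
    return (f'{ip} - - [10/Aug/2007:{hms} +0100] "{method} {path} HTTP/1.0" '
            f'302 338 "-" "TrackBack/1.02"')

SAMPLE = [  # constructed input, not real traffic
    sample_line("203.0.113.7", "07:26:10"),
    sample_line("203.0.113.7", "07:26:13"),
    sample_line("198.51.100.20", "07:26:15"),   # occasional, legitimate sender
    sample_line("203.0.113.7", "07:26:17"),
    sample_line("203.0.113.7", "07:26:21"),     # 4th POST in 11 s: over limit
    sample_line("198.51.100.20", "07:40:00"),
    sample_line("192.0.2.5", "07:41:00", "GET", "/blog/"),
]

if __name__ == "__main__":
    for ip, when in trackback_offenders(SAMPLE).items():
        print(f"{ip} exceeded the trackback limit at {when.isoformat()}")
```

Because only the count per window matters, a blog that sends an occasional genuine trackback is never flagged, which is the distinction the User-Agent ban cannot make.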