couchtripper

a drop in the ocean
https://forum.couchtripper.com/

Stop forum (and blog) spam

https://forum.couchtripper.com/viewtopic.php?t=11373

Page 1 of 1

Stop forum (and blog) spam

Posted: Tue Apr 06, 2010 11:59 pm
by faceless
This is a potentially useful site if you have a site or blog, but I've a feeling it could be used nefariously if the right checks aren't done...

https://www.stopforumspam.com/

Posted: Wed Apr 07, 2010 12:53 am
by major.tom
That looks interesting, but it's basically an e-mail blacklist, right? So it wouldn't be useful until an e-mail has been added, unless I'm mistaken.

What I do on my (personal) site (without forums) is the following:
  • create a hidden link somewhere on my site
  • reference the hidden link in robots.txt (bad robots will ignore it or possibly even use it as a list of interesting places to poke around)
  • create a Rewrite rule for the elicit location
  • anyone (read anything poking around there gets blacklisted for a set time (3-7 days)
This requires linux + apache + iptables.

The cool thing about this is that it traps web crawlers who don't obey robots.txt, but can't affect the casual user. This is what's known as a "sticky honeypot".

Posted: Wed Apr 07, 2010 12:59 am
by faceless
I got to it through an ip check on someone who registered recently. It smelled suspicious, so a bit of a check showed that it was the same person who'd spammed some other site, using two different emails.

I like your plan there with how you do things. I saw something like it last year with a guy who was protecting the identity of some blogger. He knew who it was, so put a honey-pot in that checked for anyone using the blog alias and the person's real name in a search. When someone put the real person and alias together, he knew the game was up...

Posted: Wed Apr 07, 2010 3:47 am
by major.tom
The heavy lifting (blacklisting) comes largely from an open source script (DAVBlack).

the link:

Code: Select all

<A href<deletethis>="/dontgothere/"><img src="/art/transpixel.gif" height="1" width="1" border="0"></A>
("<deletethis>" is there to make the href appear here)

robots.txt:

Code: Select all

User-agent: *
Disallow: /dontgothere/
I include "dontgothere" in the $REASONS string of DAVblack, and that's 95% of the challenge. (Pretty simple, really.)

The Rewrite rule is mainly for redirecting any references to the same folder to a 500 page. (Permission Denied)

Posted: Wed May 04, 2011 2:30 am
by faceless
[web]https://stopforumspam.com/ipcheck/221.206.36.162[/web]

This was the ip of someone who signed up tonight - the username and email combination set my spidey senses tingling and bingo!
All times are UTC
Page 1 of 1

Powered by phpBB® Forum Software © phpBB Limited