« Amusing | Main | Airport tip »

Comment spam and mod_rewrite

In my never-ending quest to fight comment spam in my weblog I have been closing off older entries to comments. This works remarkably well, comment spam has come down significantly. Unfortunately, the attempts have not. A simple sampling of my log shows over 200 POST requests today to entries with turned off comments. Obviously, a spam bot. This begs for a new rewrite rule. Granted, the comments were not posted, but it annoys me regardless.. so from now on, if you wish to make a POST request to my server there is a new condition.. you need to be referred from my domain.. Turned off the referer in your browser? Bummer.. you can't post comments.



RewriteCond %{REQUEST_METHOD} POST
RewriteCond %{REQUEST_URI} !.mt-tb\.cgi*
RewriteCond %{HTTP_REFERER} !.*unix-girl\.com.* [OR]
RewriteCond %{HTTP_USER_AGENT} ^-$
RewriteRule (.*) /post_error.html [R,L]

The above Rule will send anyone who tries to post to my server without a referer from my domain to an error page. Of course, many spam bots use the actual url they're posting to as a referer.. for those just need to depend on either the user agent (one I saw was just "-") or some idea I'll come up with later.

Side benefit: also stops all those stupid scripts looking for formmail and friends.

Edit: Added a line which will except trackbacks.

Posted by kasia on April 28, 2004 10:38 PM |

TrackBack

Listed below are links to weblogs that reference Comment spam and mod_rewrite:

» Blog comment spam from An Everyday Nerd
This is a call to bloggers who read this about what they... [Read More]

Tracked on April 29, 2004 05:18 PM

» More on stopping spam from Lynne ydw i
I hate spam as much as the next person, so when something is suggested to help combat it, I'm always willing to give it a go. So in addition to the MT blacklist, and closing off comments after xx days,... [Read More]

Tracked on April 30, 2004 09:17 AM

» Countering comment spam with mod_rewrite from Heal Your Church Web Site
Even though you may have installed Jay Allen's MT-Blacklist to thwart comment spam, wouldn't it be nice to deny spambots from consuming your system's bandwidth and CPU by redirecting them to a 'error page' especially designed for our vermonous visitors... [Read More]

Tracked on May 7, 2004 10:17 AM

» Countering comment spam with mod_rewrite from Heal Your Church Web Site
Even though you may have installed Jay Allen's MT-Blacklist to thwart comment spam, wouldn't it be nice to deny spambots from consuming your system's bandwidth and CPU by redirecting them to a 'error page' especially designed for our vermonous visitors... [Read More]

Tracked on May 7, 2004 10:22 AM

» has a geek link from pippa said
Courtesy of Lance, A way to get rid of comment spambots using .htaccess. I figured that maybe the non-geeks who don't read my blog would be interested.... [Read More]

Tracked on May 8, 2004 02:09 AM

» Too much rope from Flashes of Panic
It turns out that Kasia’s comment spam hack with mod_rewrite also blocks a desktop weblog client (like ecto) from posting. To make another exception, add this line: RewriteCond %{REQUEST_URI} !.mt-xmlrpc.cgi* I’d put this in a comment, but ... [Read More]

Tracked on September 2, 2004 04:01 PM

Comments

Careful spammers..Kasia bites.. :)

Posted by: david | April 29, 2004 12:55 AM

What a great idea! I too was able to drastically reduce comment spam by closing older comments. I'm doing it with an MT plug in, but this would be a good next step.

Posted by: Chris O'Donnell | April 29, 2004 08:35 AM

Neet Idea! But you are also blocking Trackbacks I discovered.

Posted by: Lance | April 29, 2004 09:15 AM

D'oh, trackbacks should work again, thanks :)

Posted by: kasia | April 29, 2004 09:28 AM

Handy idea. I have been taking to blocking GETS on images where my site isn't the referer.

Posted by: Stewart Vardaman | April 30, 2004 02:58 PM

Kasia, btw, guys like Garnett and his stinko 'lnxwvs' site are exactly the reason I employ Jay Allen's MT-Blacklist ... though I am going to employ your most excellent hacks as well ...

Posted by: Mean Dean | May 8, 2004 08:10 AM

if this works on my domain, i will shed tears of joy.

[found via Pippa Said]

Posted by: bran | May 27, 2004 11:50 PM

Correct me if I am wrong, but surely this will block all scripts etc. on your site that are posted-to from other servers. I can't think of an example situation for this, but surely it would better to specifically rewrite for just mt-comment.cgi???
i.e.
RewriteCond %{REQUEST_METHOD} POST
RewriteCond %{REQUEST_URI} .mt-comment\.cgi*
RewriteCond %{HTTP_REFERER} !.*unix-girl\.com.* [OR]
RewriteCond %{HTTP_USER_AGENT} ^-$
RewriteRule (.*) /post_error.html [R,L]

Posted by: Ed | June 1, 2004 03:47 PM