Trackback Spam
Wow, I woke up this morning and I had about 90 trackback spams all from different IPs saying the exact same thing.
I had a small talk to Jeremy Wright last night and he recommended playing with filters (about 45 of them passed the filters and I updated some of my custom-written filters and added them to the trackback.php file) and using Spammer Tar Pit, which is explained on the page as so:
What it does
If you have any IP numbers listed in your moderation_keys setting (that’s where you put the spam words in the Comment Moderation setting under Discussion Options), this plugin will check them against the current visitor’s IP number. If it matches, the visitor will get a delay (that’s the tar pit – it slows them down), then an “Access Denied” message. You can customize the delay time and the message of course. Advanced users can also add additional IP matches manually, should they so desire. You might want to do that in order to match against an entire IP block, for instance.
I think I’ll begin installing it now and see how it works out. I have a few IPs to block. 
Revision: It’s installed, let’s try it out now .
4 Comments »
The URI to TrackBack this entry is: https://linux-blogger.com/2005/02/01/trackback-spam/trackback/
RSS feed for comments on this post.
Leave a comment
Line and paragraph breaks automatic, e-mail address never displayed, HTML allowed: <a href="" title="" rel=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <code> <em> <i> <strike> <strong>
the trackback spammer is the same as the comment spammer. you can also block them in your htaccess using:
RewriteCond %{HTTP:VIA} ^.+pinappleproxy
RewriteRule .* - [L,F]
Comment by cindy — 2/1/2005 @ 11:24 am
Yeah, just this time, it got through my filters.
Problem was, I had added a bunch of this to wp-comments-post.php but not in trackback.php (just removed it to try the tar pit plugin):
if ( strpos($_POST[’url’], ‘texas-holdem’) )
{
header("HTTP/1.0 404 Not Found");
die();
}
if ( strpos($_POST[’url’], ‘poker’) )
{
header("HTTP/1.0 404 Not Found");
die();
}
if ( strpos($_POST[’url’], ’sindyhalliday.com’) )
{
header("HTTP/1.0 404 Not Found");
die();
}
if ( strpos($_POST[’url’], ‘payday-loan-today.com’) )
{
header("HTTP/1.0 404 Not Found");
die();
}
if ( strpos($_POST[’url’], ‘dish-network’) )
{
header("HTTP/1.0 404 Not Found");
die();
}
That looks nice, I was hoping to block VIA proxy. If this doesn’t get most of it, I’ll try that.
Comment by Clete R. Blackwell 2 — 2/1/2005 @ 11:30 am
And yes, I could have done it in one if(), but I was lazy
.
Comment by Clete R. Blackwell 2 — 2/1/2005 @ 11:31 am
90? Thats’ nothing. When isvery1337 was relatively established it got bullets of 3000 every couple of days…
Comment by Nathan Wong — 2/1/2005 @ 12:14 pm