[development] My site is under attack (trackbacks, spam and cpu
usage).
Gabor Hojtsy
gabor at hojtsy.hu
Mon Sep 18 14:41:32 UTC 2006
Erm, excuse me, I mixed the issue with referer spam :) Too many issues to
care about at the same time.
Gabor
On Mon, 18 Sep 2006, Gabor Hojtsy wrote:
> We are talking about *trackback* spam, where one of the goals of spammers is
> to poison your page with links based on the referer value.
>
> Gabor
>
> On Mon, 18 Sep 2006, Johan Forngren wrote:
>
>> Do spammers really leave referrers?
>>
>> 2006/9/18, Gabor Hojtsy <gabor at hojtsy.hu>:
>>>
>>> We have some .htaccess directives at weblabor.hu to cut down on
>>> pointless
>>> CPU usage. One is denying requests based on referers (which is
>>> trackback
>>> related too).
>>>
>>> SetEnvIfNoCase Referer ".*(casino).*" BadReferrer
>>> SetEnvIfNoCase Referer ".*(pharmacy).*" BadReferrer
>>> SetEnvIfNoCase Referer ".*(gambling).*" BadReferrer
>>> SetEnvIfNoCase Referer ".*(poker).*" BadReferrer
>>> SetEnvIfNoCase Referer ".*(pills).*" BadReferrer
>>> deny from env=BadReferrer
>>>
>>> Also if you would like to send a proper(!) "Gone" HTTP code to user
>>> agents
>>> who try to request your previously available trackback URLs, you can
>>> do:
>>>
>>> RewriteCond %{REQUEST_FILENAME} !-f
>>> RewriteRule ^trackback - [G]
>>>
>>> This sends a "Gone" HTTP status to the requester. This is better then
>>> an
>>> "Access denied" status, since you explictly state that the resource
>>> does
>>> not exist anymore, and any reference to it should be removed. The
>>> actual
>>> difference in meaning is only relevant for well-behaving bots, not the
>>> spammers, but it is nice to accurately inform well-behaving bots about
>>> the
>>> situation.
>>>
>>>
>>
>
More information about the development
mailing list