May 21, 2006

How to deal with spam IPs

by Brian Turner

The problem of automated comment spamming

One of the more serious concerns of the internet these days is spam.

And not email spam, either.

I’m talking about automated comment spamming of online forms.

Scripts exist that will crawl the internet, looking for online forms – which they then fill with a pre-determined set of data.

Often this will include links to other websites – commonly, adult, pharamaceuticals, and gambling websites.

This type of spam is an annoyance way beyond email spam.

The costs of automated comment spamming

Like email spam it is often untargeted and effectively useless, even for the purposes it’s set up for.

But unlike email spam, it’s you who directly pay for – after all, you don’t pay for the bandwidth on your emails, but you do have to pay for the bandwidth on your website.

And that’s before we even include the time required to clear it from your site.

Blog comment spam is one of the main forms of automated comment spam – blogs offer a dangerous combination of automated publishing, and on high PageRank pages, too.

So it’s natural that automated comment spam particularly targets blogs.

Many blogs find it impossible to cope with the spam, and simply close down.

Others put their trust in third-party censor software, that deletes such spam on site.

But even the second solution completely fails to address the fact that you continue to pay for the spam.

If you really want to stop it, you’ll have to identify which IPs are being used to target your site.

Blocking Proxy IPs

Most automated comment spam is done via Open Proxy IPs – servers attached to the internet that are open for anybody to use.

This helps hide the original user IP, and so prevents them being identified. It also makes them much harder to block.

To even begin to do this, you need to take note of the IPs being used to spam you. Most comment forms – especially on the most popular blog software types – will provide an IP address of the sender.

Once you’ve collected these and noted the worst offenders, you can begin to block them.

How to block spam IPs

When running on a Linux box, the main HTML folder of your website where you place your main index file, stores one of the most powerful and flexible files on the server.

Known as .htaccess, this file can be especially useful to rewrite URLs – but you can also use it to block IPs from accessing your website.

The command for doing so is extremely simple – just add the following code to .htaccess and upload it to the root HTML folder of your domain:

order allow,deny
deny from 222.121.127.125
deny from 81.177.14.
allow from all

Already I’ve included two sets of IPs to help illustrate how to use this.

The first line – deny from 222.121.127.125 – tells the server to block access from the single IP 222.121.127.125.

The following line – deny from 81.177.14. – tells the server to block access for all IP’s within the range of 81.177.14.0 – 81.177.14.255.

These are both real examples of real IP’s that are blocked from Platinax – but you should concentrate on compiling your own list.

The main reason being that automated comment spam doesn’t always use Open Proxies – sometimes normal ISP IP’s as used as well – and blocking access by these can block access to your domain for a large number of users.

However, by adding IPs and IP ranges to .htaccess that are plaguing your website with automated comment spam, you can start to address the problem so that you no longer have to pay for your own spam.

For more information and help on issues of blog comment spamming, check out the blog spam board at Security Watch.

Alterantively, feel free to ask for advice or information or help from the Platinax Business Forums.

Discuss this in the Internet Business forums

Story link: How to deal with spam IPs

 

Leave a Reply




 

Previous: «
Next: »

Visited 3426 times, 1 so far today

Posted in: Webmaster