Mobile app version of vmapp.org
Login or Join
Deb1703797

: How to stop getting hits from comment spam I have been hosting a photoblog using pixelpost, but have realised it was a haven for comments spam. I've since migrated the site to tumblr. The

@Deb1703797

Posted in: #Comments #Spam #SpamPrevention

I have been hosting a photoblog using pixelpost, but have realised it was a haven for comments spam. I've since migrated the site to tumblr.

The original site was an add-on domain to my hosting plan and the site was available at a domain name as well as through a subfolder on my main domain.

This old photoblog is getting hits around 3 a minute 24/7 targeting example.com/subfolder. I've set .htaccess to issue a 403 for this folder.

the referrer is either blank or coming from my example.com

Is there any other ways to stop these hits?
Will the spammers get the message from the 403 and eventually stop? how long can this take?

Were there any other steps I should take?

Thanks

snippet of error log:

[Tue Jan 28 08:56:23 2014] [error] [client 27.159.195.66] client denied by server
[Tue Jan 28 08:55:59 2014] [error] [client 27.159.205.59] client denied by server
[Tue Jan 28 08:55:11 2014] [error] [client 212.83.191.177] client denied by server
[Tue Jan 28 08:54:17 2014] [error] [client 212.83.137.63] client denied by server
[Tue Jan 28 08:53:46 2014] [error] [client 27.159.193.51] client denied by server
[Tue Jan 28 08:53:31 2014] [error] [client 27.159.195.66] client denied by server
[Tue Jan 28 08:53:29 2014] [error] [client 27.159.195.66] client denied by server
[Tue Jan 28 08:52:30 2014] [error] [client 117.26.254.132] client denied by server
[Tue Jan 28 08:51:37 2014] [error] [client 192.99.4.25] client denied by server co
[Tue Jan 28 08:51:33 2014] [error] [client 27.159.205.69] client denied by server
[Tue Jan 28 08:50:45 2014] [error] [client 216.107.136.125] client denied by serve
[Tue Jan 28 08:50:45 2014] [error] [client 27.159.195.66] client denied by server
[Tue Jan 28 08:48:41 2014] [error] [client 212.83.137.63] client denied by server
[Tue Jan 28 08:48:37 2014] [error] [client 212.83.191.177] client denied by server
[Tue Jan 28 08:48:20 2014] [error] [client 5.153.235.237] client denied by server
[Tue Jan 28 08:48:15 2014] [error] [client 209.148.82.163] client denied by server
[Tue Jan 28 08:48:14 2014] [error] [client 198.27.74.32] client denied by server c
[Tue Jan 28 08:47:27 2014] [error] [client 216.107.136.125] client denied by serve
[Tue Jan 28 08:47:19 2014] [error] [client 212.83.137.63] client denied by server
[Tue Jan 28 08:46:28 2014] [error] [client 198.13.115.226] client denied by server
[Tue Jan 28 08:46:13 2014] [error] [client 27.159.212.23] client denied by server
[Tue Jan 28 08:45:24 2014] [error] [client 118.175.92.74] client denied by server

10.02% popularity Vote Up Vote Down


Login to follow query

More posts by @Deb1703797

2 Comments

Sorted by latest first Latest Oldest Best

 

@Lengel546

Used the following code and it stopped my error log being clogged up, also per other answer, used cloudflare nameservers and routed traffic through them as they target bots.

Cloudflare were reporting about 50% of traffic was a threat.

<?php
if (!empty($_SERVER['HTTP_CLIENT_IP'])) {
$ip = $_SERVER['HTTP_CLIENT_IP'];
} elseif (!empty($_SERVER['HTTP_X_FORWARDED_FOR'])) {
$ip = $_SERVER['HTTP_X_FORWARDED_FOR'];
} else {
$ip = $_SERVER['REMOTE_ADDR'];
}
header( "HTTP/1.1 410 Gone" );
header( 'Location: '.$ip ) ;
?>


the code works out their IP address and redirects back to them sending a 410 (permanently gone header). pretty sweet.

10% popularity Vote Up Vote Down


 

@Jessie594

You could install mod_evasive on the server and with configuration, control how quickly you wish to blacklist IP's (say if they've hit your URL's more than 5 times in 10 seconds for example) - this will quickly blacklist the IP addresses that are bombarding your website.

Although eventually these should stop anyway if you've moved the site. Make sure that maindomain.tld does not contain a link to /subdirectory if some of these are showing as the referrer.

Will extend answer upon the response to my comment...

10% popularity Vote Up Vote Down


Back to top | Use Dark Theme