Blocking spammers with mod_rewrite

Status
Not open for further replies.

NewEraCracker

If you don't have APIs installed on your site that require the POST method, you can add this to .htaccess:

Code:
# Mitigate the spammers
<IfModule rewrite_module>
RewriteEngine On
RewriteCond %{HTTP_REFERER} ^$
RewriteCond %{HTTP:Accept-Language} ^$
RewriteCond %{REQUEST_METHOD} ^(POST)
RewriteRule .* - [R=406]
RewriteCond %{SERVER_PROTOCOL} ^(HTTP/1.0)
RewriteCond %{REQUEST_METHOD} ^(POST)
RewriteRule .* - [R=406]
</IfModule>

It blocks POST requests from all clients without a Referer header and without an Accept-Language header (automated form submission), and blocks POST requests from any HTTP/1.0 client (bots don't need POST).

-------

If you use nginx as an Apache reverse proxy, it downgrades requests to HTTP/1.0 and you lose the original HTTP version, so just use:
Code:
# Mitigate the spammers
<IfModule rewrite_module>
RewriteEngine On
RewriteCond %{HTTP_REFERER} ^$
RewriteCond %{HTTP:Accept-Language} ^$
RewriteCond %{REQUEST_METHOD} ^(POST)
RewriteRule .* - [R=406]
</IfModule>

Regards,
NewEraCracker
 
11 comments
You can allow multiposters by excluding the first set of rules and leaving this in .htaccess.
Code:
<IfModule rewrite_module>
RewriteEngine On
RewriteCond %{SERVER_PROTOCOL} ^(HTTP/1.0)
RewriteCond %{REQUEST_METHOD} ^(POST)
RewriteRule .* - [R=406]
</IfModule>
This will still block spambots that rely on old libs that still use HTTP/1.0.

DON'T USE THIS, IF YOU USE NGINX!
 
Just a doubt: will this ban all the auto posters or some of them?

Edit: Learnt that it'll block most of the old ones.
 
Hey, I used this, but when I try to use any Ajax-related work and try to move/prune any posts or even try to make new posts manually

It says:

406 Not Acceptable

An appropriate representation of the requested resource /index.php could not be found on this server.

Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.

Any help? FYI, I use IPB 3.1.4.

Tested a few things; it only occurs when you put the last 3 lines:

<IfModule rewrite_module>
RewriteEngine On
RewriteCond %{SERVER_PROTOCOL} ^(HTTP/1.0)
RewriteCond %{REQUEST_METHOD} ^(POST)
RewriteRule .* - [R=406]
</IfModule>

Any solution?
 
If you use nginx as an Apache reverse proxy, it downgrades requests to HTTP/1.0 and you lose the original HTTP version, so just use:
Code:
# Mitigate the spammers
<IfModule rewrite_module>
RewriteEngine On
RewriteCond %{HTTP_REFERER} ^$
RewriteCond %{HTTP:Accept-Language} ^$
RewriteCond %{REQUEST_METHOD} ^(POST)
RewriteRule .* - [R=406]
</IfModule>
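
Added example (not part of any post in this thread, and not Apache's own logic): a small Python model of the two rule sets, showing which POSTs each one rejects and why the HTTP/1.0 rule rejects every POST once the backend only sees HTTP/1.0, as the reply above describes for nginx. The request dictionaries are constructed samples, and `lookup`, `is_blocked` and `behind_nginx` are hypothetical helper names.

```python
import re

# Conditions copied from the thread's .htaccess; each inner list is ANDed,
# as consecutive RewriteCond lines are by default.
HEADER_RULE = [("Referer", r"^$"), ("Accept-Language", r"^$"), ("METHOD", r"^(POST)")]
PROTOCOL_RULE = [("PROTOCOL", r"^(HTTP/1.0)"), ("METHOD", r"^(POST)")]

def lookup(req, name):
    """Resolve a test string; a missing header expands to the empty string."""
    if name == "METHOD":
        return req["method"]
    if name == "PROTOCOL":
        return req["protocol"]
    return req["headers"].get(name, "")

def is_blocked(req, rulesets):
    """True when every condition of at least one rule set matches (406)."""
    return any(all(re.search(pat, lookup(req, name)) for name, pat in rs)
               for rs in rulesets)

def behind_nginx(req):
    """Model the proxy hop described in the thread: the backend sees HTTP/1.0."""
    return {**req, "protocol": "HTTP/1.0"}

# Constructed sample requests (not captured traffic).
BROWSER_POST = {"method": "POST", "protocol": "HTTP/1.1",
                "headers": {"Referer": "https://forum.example/index.php",
                            "Accept-Language": "en-US,en;q=0.5"}}
BARE_POST = {"method": "POST", "protocol": "HTTP/1.1", "headers": {}}
BROWSER_GET = {**BROWSER_POST, "method": "GET"}

FULL = [HEADER_RULE, PROTOCOL_RULE]   # first post's complete block
NGINX_SAFE = [HEADER_RULE]            # variant recommended for nginx setups

if __name__ == "__main__":
    for label, req in [("browser POST", BROWSER_POST), ("bare POST", BARE_POST),
                       ("browser GET", BROWSER_GET)]:
        print(label,
              "| direct/full:", is_blocked(req, FULL),
              "| proxied/full:", is_blocked(behind_nginx(req), FULL),
              "| proxied/header-only:", is_blocked(behind_nginx(req), NGINX_SAFE))
```

A normal browser POST passes the full block when Apache sees HTTP/1.1 directly, but is rejected once proxied; the header-only variant still rejects a POST that carries neither header.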
 
Blocking spammers is not always a great idea. I have had websites where I have deleted their spam comments, stopped their comments and my traffic died.
 