[nycphp-talk] Dealing with forum spammers
sbeam
sbeam at onsetcorps.net
Tue Oct 14 13:53:25 EDT 2008
On Tuesday 14 October 2008 13:11, csnyder wrote:
> Just looked at Bad Behavior, and it looks like an excellent tool to
> add to the kit.
>
hey. that looks interesting too. But it sounds
http://www.bad-behavior.ioerror.us/documentation/how-it-works/
like it is just looking at HTTP headers? if you are running Apache is maybe
better handled by mod_security
http://www.onlamp.com/pub/a/apache/2003/11/26/mod_security.html
which does that and a whole lot more, with less overhead because it never gets
to the request processing phase. If you are a hosting provider and have
untrusted web apps running on it, it has to be recommended. It will deny not
only spam bots but most w0rms and brute force attacks (false positives being
a problem here as well though)
OTOH if you don't have root, then BB would be a good line of defense.
> But really, how primitive are your spamming bots if they can't deliver
> a plausible set of HTTP headers?
most of them are very stupid and have "Perl/LWP" in the User-Agent header for
instance. They are no more advanced than they have to be.
Sam
More information about the talk
mailing list