This is a post from the blog of Rod Begbie, who is one…
                       XXXX

“Groovy Motherfucker”

mod_refererblacklist?

January 12, 2005

mod_refererblacklist?

My poor server took a hammering today, when some referer-spamming shitbag hammered MovableType’s comments CGI script, effectively DDOSing it.

I chucked in some mod_rewrite rules to try to make this a little less likely in the future, but here’s a Lazyweb request:

Any ideas on a way to take the Comment Spam master blacklist and use it at an Apache level to block requests having a Referer that matches? Preferably one which doesn’t use more CPU cycles than the spam attack I’m looking to solve!

Comments

About 7 years, 4 months ago, richard commented:

About the best method is to deal with it at the TCP level, firewalling off known offenders before they even get to the web server... I haven't bothered myself because it hasn't become a huge issue on my server yet.

About 7 years, 3 months ago, tom sherman commented:

I've got a lot of info on referrer spam gathered, and I've written it up in a pretty comprensive proposal on referrer spam. Check it out.
http://underscorebleach.net/content/j...

If you're interested in blocking spammish requests in real-time, take a gander at Chris @ My Quiet Life's directions for using mod_access_rbl.
http://chris.quietlife.net/archives/0...

Post a comment

Due to spam, posting comments to old entries is disabled.

saute-swinish