Thanks for this handy tutorial. Can you clarify what directory the .htaccess file should go in?

Thanks.

a short addition for ppl who can't use mod_rewrite.
it's also possible to stop spammer without it.

e.g.

Code

yes, i apologize.. I was actually looking on my hdd at the files as opposed to on the server.

To clarify:

the root of your blog install is NOT where your _config.php is .. It is where your mms.php, index.php, multiblogs.php, and others are. In fact, a newly unzipped b2evo has a sample.htaccess in the root directory already for you

---

As for the errors, I cant help there without more info.

your welcome :) anytime! and thank you to you guys for helping to make this thread more informational :)

Dear Whoo & Co,

I've come across another way of modifying the .htaccess file to prevent certain domains from making requests (i.e. getting referrers):

Code

Seems to have this function. Anyone know whether it would work?

F

here is a pretty good working example of an .htaccess

hopefully this will clear up general questions about how things work..

Code

Notice that you can have multiple sets of conditions that follow different rules.

ONE thing to remember is that the longer your list gets, the more work the server has to do.. and will slow down your server. Thats why its best to combine things.. the pinapple proxy thing kills off a whole ton of work for your server. I removed atleast 20 domains off my longer list after I added that.

Thanks for this excellent information, whoo.

Well, whoo, also for what it's worth, I pointed a friend of mine who maintains a large group blog running wp to this thread, and he is now eternally grateful, so chalk up one more convert.

Whoo, after moving /htsrv to another location I was getting quite a lot error messages (in apache error log) that trackback.php was not found. This does not influence the work of b2evo, but still i'd prefer to get rid of these messages.

Would it make sense to redirect those coming to the old /htsrv location? To their own IP address or something? And if yes, what would be the appropriate .htaccess lines?

FYI, if anyone has read this far, and is looking for information linked to in point #5 in whoo's original post re: pinapple proxy, that page is no longer publicly available, although whoo's directions should still work.

However, I'm guessing that the pinapple spammer has changed something recently. Can anyone confirm? I'm not being targeted, but a friend of mine is, and I've noticed a lot of spam this morning on his blog.

I'm not a fan of blacklists. They steal my time (in upkeep) and my webhost's CPU usage (in execution).

The following htaccess entry would block any referrer spam I've received to date.

Code

The commented out rule would be an alternative to the rule I'm using (it gives a 403 error instead of a 301 redirect back to the source).

Maybe this is just a temporary solution, but all referrer spam I've seen (so far) has targetted the stats display page. What is the experience of other users?

Ioo

You did not give much background. You have Apache with mod_rewrite? .htaccess is in your document root? Maybe change "disp=stats" to ^.*disp=stats.*$ -- shouldn't matter, I don't think.

Hi all,
Thanks Whoo for starting an excellent thread.

I have an .htaccess which I would appreciate feedback on.

# Apache configuration for the blog folder

# this will select the default blog template to be displayed
# if the URL is just .../blogs/
<IfModule mod_dir.c>
DirectoryIndex index.php
</IfModule>

# this will make register globals off in b2's directory
# just put a '#' sign before these three lines if you don't want that
<IfModule mod_php4.c>
php_flag register_globals off
</IfModule>

# this is used to make b2 produce links like http://example.com/archives/m/200209
# if you renamed the file 'archives' to another name, please change it here too
<Files archives>
ForceType application/x-httpd-php
</Files>

# Last updated 30th May 05

RewriteEngine On
RewriteBase /

# Fix for comments
RewriteCond %{HTTP_REFERER} !^http://mydomain.com/.*$ [NC]
RewriteCond %{REQUEST_URI} ^.*comment_post\.php$
RewriteRule .* - [F]

# Bad referers and pinapple start here
# Get the pinapple proxy first
RewriteCond %{HTTP:VIA} ^.+pinappleproxy [NC,OR]

# Atrivo Technologies
deny from 69.50.160.0/19

# Bad TLDs not covered above
RewriteCond %{HTTP_REFERER} \.biz [NC,OR]
RewriteCond %{HTTP_REFERER} \.ru [NC,OR]

# Try to prevent referrer spam
RewriteCond %{HTTP_REFERER} "!^http://www.mydomain.com/.*$" [NC]
RewriteCond %{QUERY_STRING} "disp=stats"
#RewriteRule .* - [F]
RewriteRule ^(.*) http://%{REMOTE_ADDR}/ [R=301,L]

I noticed that Atrivo has not been mentioned in other posts.
I recently moved my blog (still within the same domain, but different name) which made it easier to see who is hitting it. In the first 10 minutes after the change I had a number of IP's in the Atrivo block appearing in my error logs.

If you want to see what sites are hosted by Atrivo, check this out...
http://www.bluetack.co.uk/forums/index.php?showtopic=9119

There is more info on http://www.rojisan.com/spam/archives/2004/11/spam_hosting_atrivocom.html

and http://www.thebishop.net/geodog/archives/2004/09/18/anatomy_of_comment_spam_script_vendors_emil_kacperski_and_eugene_blagodarny_and_corporate_helpers.html

In the 24 hours after my blog was moved I was hit every 10 seconds by 5 IP's within the Atrivo block. Since I added the "deny" = nothing.
If you are getting hit on by any of the domains listed in that first link I gave I would recommend you take steps to block. Seems like this host has been around a while and has no intention of enforcing its own AUP.

I wondered if that might be the case. Can't he just add

Code

to his .htaccess file? Of course, you'll need to use the real ip address. That will prevent this person from any access to your web site. If his IP changes (because his ISP uses dynamic addressing or becuase he goes through a proxy) then this will stop working.

I've been trying to get my .htaccess file to work, but for some reason my cgi script isn't working and I'm getting a 500 error, could someone please either post their .htaccess file or e-mail me their file at eljacek@yahoo (nospam) .com

sorry for being a pain, but i've been having one hell of a time. thanks.

that is wonderful Dan, awesome!!

whoo wrote:

6. Especially paranoid? Block ALL .info and .biz tlds in your .htaccess. Yes they spam alot.

Code

	RewriteCond %{HTTP_REFERER} \.us [NC,OR]
	RewriteCond %{HTTP_REFERER} \.info [NC,OR]

I'm now blocking all .to TLDs in my .htaccess thus:

Code

I've been getting a lot of referral spam from .to domains lately, and I don't think I've ever seen a "legit" company or site using a .to domain, so screw 'em.

Until I can figure out how to successfully auto-recheck the antispam list, I'll keep these settings in my .htaccess. I have the auto-update working, but can't seem to get the auto-recheck working under .12

jj.