1 austriaco Jul 16, 2007 19:57
3 austriaco Jul 17, 2007 19:16
Great!
I have 10 days now without receiving any trackback spam (until the spammers [hopefully not] read this thread and figure out a way around)
4 balupton Jul 17, 2007 19:25
But are you sure that all legitimate ones are getting through? Like I'm trying to think of a scenario that would break it, but I can't think of any! Probably only if the trackbacker is playing silly buggers, in which case doesn't really matter. Oh what about if say blogger.com does it, as they have hosts all over the world (I'm guessing), maybe the IP addresses would be different? But if you check the IPs of the domains the same way (by doing a request), instead of just $_SERVER['whatever it was'] then it should be fine. :) Good work.
Or maybe say for live spaces, they might host the blog on whatever server the user's country is. And maybe the site that posts it is different?
When I get my blog up, I'll go test all these theories.
5 austriaco Jul 17, 2007 19:34
Haloscan is the only scenario I had thought but I never receive anything from that service.
At least my own trackbacks go through! :-) Since I'm not the most popular blogger on earth, I don't receive many legitimate trackbacks (almost none, in fact) and I don't have a way to test this. Maybe somebody here can send a couple of trackbacks to see how things work.
6 balupton Jul 31, 2007 18:08
Hi I'm going to try it on my blog now, I get a lot of traffic, so it will be interesting to see :) Will let you know how it goes :)
- If you want to test it out on mine and your blog, I'm up for firing off test trackbacks / receiving them.
Edit: I've made a few changes to the plugin, cleaned things up. Was there a reason with it being opt-in rendering though?
Anyway, you can get my changed one here http://www.balupton.com/blogs/plugins/download/dns_antispam_trackback_plugin.zip
Hope you don't mind, and hope it helps :)
7 cslepage Aug 01, 2007 12:10
I've just installed it to a blog of mine that gets a small amount of traffic each day. The trackback spam only started when I upgraded to 1.10.
Balupton, does your change mean I don't have to do anything but install the plugin? Will it work for existing messages, or only for new ones?
8 austriaco Aug 01, 2007 12:15
For new ones. It will try to block new trackbacks coming from hosts different than the referred host. As far as I can see, you can just upload the update provided by balupton and things should keep working without any intervention on your part, but I haven't done it yet. YMMV.
9 balupton Aug 02, 2007 08:02
Yeah my change only cleans up the code (if that), no feature changes or anything. Austriaco is the mastermind :)
Austriaco, for the problems where it is a legit blog but using a different domain, maybe it could check the hostname against a known good hostname, so make a white list?
Oh btw, so far so good on my blog, not sure if any legit trackbacks have got through though... Mind throwing one at me sometime? http://www.balupton.com/blogs/b2evo?title=dns_trackback_plugin_the_proper_solution&more=1&c=1&tb=1&pb=1 (hope you like my little shoutout to your plugin, and should drive some traffic to it)
10 jibberjab Aug 03, 2007 16:52
One of the earlier posts states this will work for new posts but not for existing posts... Is it possible to go back and re-save existing posts once this plugin has been installed?
jj.
11 yabba Aug 03, 2007 17:01
The bit you read meant, "it'll work for any trackbacks that occur after the plugin is installed" even if they're on an old post ;)
¥
12 jibberjab Aug 03, 2007 17:33
Ah, ok.... I really need to start getting more sleep. :)
jj.
13 yabba Aug 03, 2007 17:37
Me too ;)
¥
14 daniel Aug 07, 2007 14:15
Ok... if I understood the description of this plugin correctly it's not the same what I've seen yesterday by sending a trackback to a site without having the exact same URL linked in my post. My trackback was denied but after I saw my error, I added the source URL directly in my post and sent the trackback again, and this time it works... Is the DNS plugin the same or is that what I wrote another possibility to increase spam trackbacks... Is there a b2evo plugin available what does what I have described?
15 austriaco Aug 07, 2007 14:49
No, Daniel, it's not the same. This plugin will check that the IP addresses of the trackback sender and the trackback "referee" are the same. Let's say you receive a trackback pointing to www.domain.com and www.domain.com has IP address "X", but the trackback was sent from another machine, which has IP address "Y". If "X" != "Y" then the trackback will be rejected. (read the "rationale" for the plugin: http://forums.b2evolution.net/viewtopic.php?t=10584 maybe it will help to clarify the concept)
16 balupton Aug 15, 2007 18:22
Hey Austriaco, probably a good idea to submit it to http://plugins.b2evolution.net/ and get it mainstream, so far working perfectly for my blog, wordpress.com trackbacks someone said don't go through, but oh well.
17 austriaco Aug 23, 2007 04:14
I have created a new version of this plugin, which I believe can handle the wordpress.com trackback cases (Further testing needed!) and also I submitted it today to plugins.b2evolution.net. I thought, well, with more than a month deployed it was about time. Official Web page of the plugin: http://sw.liberal-venezolano.net/sw.php/2007/08/22/dns_trackback_anti_spam_plugin
Have fun.
18 balupton Aug 23, 2007 07:36
Cool, I've updated as well. What is the opt-in rendering for though, I still don't know why it's there?
19 austriaco Aug 23, 2007 13:32
I'm sorry. I'm so sloppy! The renderer stuff is there because it was in the plugin skeleton that's provided as sample. Remember, this was my first plugin, so I didn't know exactly what should be in and what out, so I left everything in! I will update, when I have some more time. Thanks Balupton.
20 waltercruz Aug 24, 2007 19:17
Hi Austriaco.
I've tried to post this as comment on your blog, but there's something strange there :D
The comment:
I think that still doesn't work with wordpress.com trackbacks!
I have installed the prior version, and can't receive the wordpress trackbacks. I have read the code and done a little test, and still doesn't work. I can send you the trackback that I send to myself to you!
The comment has come from 72.232.131.30 but the IP of the wordpress blog is 72.247.132.199
[]'s
- Walter
21 austriaco Aug 25, 2007 01:26
Thanks Walter, I solved the problem with comments on my blog.
I sent a trackback from a wordpress.com blog I created specifically to test. I should have done this before. The request came from IP 72.232.131.30 even though the blog address corresponds to IP 88.221.120.199.
So, it seems to me Wordpress.com is sending trackbacks from a centralized server, different from the ones which serve the blogs. This would make sense, since they collect all trackback requests from every *.wordpress.com blog and then send them in batches or something like that.
Now, assuming the above is correct, the question is whether they use only one server for sending trackbacks or several of them and we were just lucky to have sent trackbacks from the same trackback server.
Moreover, they can change this central trackback server at their discretion at any time, which would require a change inside the plugin every time it happens, if it happens.
For the time being, I guess I can hardcode the IP address of the suspected wordpress.com trackback server and see what else comes to mind.
22 afwas Aug 25, 2007 01:44
Does this: gethostbyname (http://nl3.php.net/gethostbyname) help?
*edit*
or gethostbyaddr (http://nl3.php.net/manual/en/function.gethostbyaddr.php) together with a preg_match (http://nl3.php.net/manual/en/function.preg-match.php) for 'wordpress'?
23 yabba Aug 25, 2007 11:47
Austriaco wrote:
For the time being, I guess I can hardcode the IP address of the suspected wordpress.com trackback server and see what else comes to mind.
Alternatively you could add a textarea setting and have a "whitelist" of IP addresses (1 per line) which would make adding/removing/changing the IPs far easier ;)
¥
24 austriaco Aug 28, 2007 14:05
I like the idea of a whitelist. Now, that raises one question:
If I want to add settings to the plugin, do I have to deal with DB stuff? The settings would have to be saved somewhere.
25 balupton Aug 28, 2007 14:13
You define them in GetDefaultSettings then use $this->Settings->get/set, take a look at the test plugin :)
26 austriaco Aug 28, 2007 21:59
Alright, I implemented the textarea for a whitelist. One question I have before publishing the new version: How do I initialize a multiline variable inside the plugin? The thing is that I've checked wordpress.com sends trackbacks from at least 6 different hosts:
72.232.131.30
72.232.131.29
72.232.131.31
72.233.2.49
72.233.2.30
66.135.48.143
Plus three more for haloscan.com:
72.9.234.71
72.9.234.77
72.9.234.70
and I think it would be nice to provide at least this set of IP addresses to the user.
What I'm doing now is:
function GetDefaultSettings()
{
    return array(
        'whitelist' => array(
            'type' => 'textarea',
            'label' => $this->T_( 'IP whitelist' ),
            'defaultvalue' => '72.232.131.30',
            'cols' => 15,
            'rows' => 10,
            'note' => $this->T_('Input one IP address you want to exempt per line') )
    );
}
27 balupton Aug 28, 2007 22:06
Just use implode and explode with say '|' for the separator, but if you really want multi line then do str_replace("\r", '', $var); and explode/implode("\n", $var); As new lines are either \r\n or \n.
But afwas's suggestion of gethostbyname is a good one as well as say all those ip addresses you just posted might just return the string "haloscan" or whatever making the need for a whitelist unnecessary.
28 afwas Aug 28, 2007 22:16
function GetDefaultSettings()
{
    return array(
        'whitelist' => array(
            'type' => 'html_textarea',
            'label' => $this->T_( 'IP whitelist' ),
            'cols' => 15,
            'rows' => 10, /* perhaps a larger number here */
            'note' => sprintf( $this->T_('Input one IP address you want to exempt per line')),
            'defaultvalue' => '
72.232.131.30
72.232.131.29
72.232.131.31
72.233.2.49
72.233.2.30
66.135.48.143
72.9.234.71
72.9.234.77
72.9.234.70',
        ),
    );
}
Hope I didn't make any unintentional typos.
And do check version compatibility. I took the basic code from B2evo 2.0a and didn't check anything.
*edit*
I edited this post, added the last line (important) and disabled smilies.
29 austriaco Aug 28, 2007 22:48
Thanks balupton,
The thing is, for instance, I sent 6 trackbacks from anarcocapitalista.wordpress.com, which is an alias for e1143.c.akamaiedge.net, which in turn has IP address 88.221.52.199 (This would be the result of gethostbyname("anarcocapitalista.wordpress.com")), but the Trackbacks were sent from different hosts, none of which has any relation to anarcocapitalista.wordpress.com (those are the IPs I mentioned above).
30 afwas Aug 28, 2007 23:01
Austriaco wrote:
Thanks balupton,
The thing is, for instance, I sent 6 trackbacks from anarcocapitalista.wordpress.com, which is an alias for e1143.c.akamaiedge.net, which in turn has IP address 88.221.52.199 (This would be the result of gethostbyname("anarcocapitalista.wordpress.com")), but the Trackbacks were sent from different hosts, none of which has any relation to anarcocapitalista.wordpress.com (those are the IPs I mentioned above).
Sometimes you just wish things to work the way you want them to.
I'm afraid the list you provided is only a beginning. They're probably IP ranges, so be prepared to change the code to 72.9.234.xxx etc.
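The check austriaco describes, the one-entry-per-line whitelist parsing balupton suggests, and the range matching afwas anticipates, put together as an added PHP example (not the plugin's code and not posted by anyone in this thread). It goes beyond the thread by accepting CIDR ranges; the function names, the injected resolver and the sample DNS map are assumptions, and it assumes 64-bit PHP 7.4+ and IPv4 only.

```php
<?php
// Added illustration, not the plugin's code; all function names are hypothetical.

// Parse the textarea value: one IPv4 address or CIDR range per line.
function parse_whitelist(string $text): array
{
    $entries = [];
    // Normalise \r\n and bare \r to \n, then split; blank and malformed lines are skipped.
    foreach (explode("\n", str_replace(["\r\n", "\r"], "\n", $text)) as $line) {
        [$net, $bits] = array_pad(explode('/', trim($line), 2), 2, '32');
        $base = ip2long($net);
        if ($base === false || !ctype_digit($bits) || (int) $bits > 32) {
            continue;
        }
        $mask = (-1 << (32 - (int) $bits)) & 0xFFFFFFFF;
        $entries[] = [$base & $mask, $mask];
    }
    return $entries;
}

function ip_whitelisted(string $ip, array $entries): bool
{
    $addr = ip2long($ip);
    foreach ($entries as [$net, $mask]) {
        if ($addr !== false && ($addr & $mask) === $net) {
            return true;
        }
    }
    return false;
}

// Accept when the sender is one of the addresses the claimed host resolves to, or is whitelisted.
function accept_trackback(string $url, string $senderIp, array $entries, callable $resolve): bool
{
    $host = parse_url($url, PHP_URL_HOST);
    $ips = is_string($host) ? ($resolve($host) ?: []) : [];  // resolver returns false on failure
    return in_array($senderIp, $ips, true) || ip_whitelisted($senderIp, $entries);
}

// Constructed data: a resolver standing in for gethostbynamel() so the demo runs offline.
$dns = ['anarcocapitalista.wordpress.com' => ['88.221.52.199']];
$resolve = fn(string $h) => $dns[$h] ?? false;
$wl = parse_whitelist("72.232.131.30\r\n\r\n72.9.234.0/24\n");
$url = 'http://anarcocapitalista.wordpress.com/a-post';
foreach ([['88.221.52.199', []], ['72.232.131.30', []], ['72.232.131.30', $wl], ['72.9.234.77', $wl]] as [$ip, $list]) {
    printf("%-15s whitelist=%d -> %s\n", $ip, count($list), accept_trackback($url, $ip, $list, $resolve) ? 'accept' : 'reject');
}
```

A whitelisted address is accepted whatever URL it claims, so every entry or range widens what the check trusts; keep ranges as narrow as the service allows.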
31 austriaco Aug 28, 2007 23:22
Another potential source is Typepad. Any other service like that which could be source of trouble?
32 afwas Aug 29, 2007 00:00
Can you test this version? I mean, you can install it, but can you make a trackback to the blog where the plugin is installed from one of the whitelisted IP's?
At least:
a) the list shows in the backoffice -> App Settings -> Plugins -> DNS Antispam Trackback (Now tested in 1.10)
b) It shows you how to call the settings:
$this->Settings->get( 'whitelist' )
If I did the if and elseif correctly, it first checks if the $url_parsed is in the whitelist.
Unfortunately I don't have a 1.10 blog online, so I can't test if it does what was intended.
TODO: write the added IP's to database or file. In this version newly added IP's will disappear if the plugin is uninstalled and probably when the server is reset.
Based on the version by balupton, hoping that is the most recent
*edit
I removed the test version, look for the post by Austriaco for the next development version.
33 waltercruz Aug 30, 2007 23:39
I liked it!
But, the settings of all the plugins disappear when the plugin is uninstalled no?
34 afwas Aug 30, 2007 23:57
Walter wrote:
I liked it!
But, the settings of all the plugins disappear when the plugin is uninstalled no?
What do you mean? The settings from the plugin are destroyed when you uninstall the plugin, but that is supposed to be.
The version I posted is for testing purposes. It's Austriaco's plugin and only if he decides to publish it's a new version. But, you can test it, that's what a test version is about. Report back a) if spam gets through and b) if no spam gets through, does it make exceptions for the added IP's.
Good luck
35 waltercruz Aug 31, 2007 00:01
Sorry for the ambiguous phrase.
The settings from the plugin are destroyed when you uninstall the plugin, but that is supposed to be.
it's what I meant :D
36 afwas Aug 31, 2007 00:08
You can manually add IP's in the back office of the plugin. Whatever you store there is not saved. You can also change the plugin's php file. There IP's are stored and saved if the plugin is newly installed. But this is not the most user friendly way to store settings, so a little work from the developer is required.
37 waltercruz Aug 31, 2007 00:16
It's possible to create tables with the installation of the plugin, but AFAIK, these tables are removed with the uninstall process.
38 afwas Aug 31, 2007 00:23
Walter wrote:
It's possible to create tables with the installation of the plugin, but AFAIK, these tables are removed with the uninstall process.
Yes, it is going to be a solution like that. I am curious how many IP's eventually will be eligible for the list. Ranges of IP's or just a dozen or hundreds ...
39 austriaco Sep 03, 2007 13:48
I have released a new version (0.3) of the DNS Trackback plugin for b2evolution. Announcement and download here: http://cronicaslinuxeras.com/antispam_plugin_for_b2evolution_version_03. This version implements (I believe) the suggestions made in this thread for a whitelist, editable in the backoffice. So far it is working, but more testing is required to discover new "trackback servers" if you will.
Thanks to all who have commented and helped in testing.
40 blueyed Sep 07, 2007 02:29
1. Daniel wrote:
Ok... if I understood the description of this plugin correctly it's not the same what I've seen yesterday by sending a trackback to a site without having the exact same URL linked in my post. My trackback was denied but after I saw my error, I added the source URL directly in my post and sent the trackback again, and this time it works... Is the DNS plugin the same or is that what I wrote another possibility to increase spam trackbacks... Is there a b2evo plugin available what does what I have described?
The basic antispam plugin (shipped with b2evo) has an option for this ("Check referers for URL"). This downloads the source and checks if it contains your URL.
2. I really like the idea of this plugin. Thanks, Austriaco!
If it would not need a whitelist, I'd add this functionality to the basic antispam plugin. But a whitelist gets too "advanced" IMHO.
But I'm not sure about it.
Maybe it makes sense to optionally hook into GetSpamKarmaForComment, to provide a score based on the observations made?
Theoretically that sounds like a pretty neat idea. I'll give it a shot when I get my blog back up.