http://isaacschlueter.com/tests/b2antispam_genhtaccess.php.txt

In your admin panel you update your spam list. After you have done that you can use the file listed at the address above to automatically update your .htaccess file to block all referers that contain those words. It should help slow things down. I modified my template to hide latest referer and top referer info too and got rid of the stats page.

HTH. Good luck.

That was fast thanks.

I did the update spam list already, forgot to mention that.

I will run the script thanks for that.

What about the comment spam? What do people do to avoid that? Can you filter the comments or would you force people to login to comment?

Ian

The easiest and fastest way to block comment spammers is to rename your htsrv folder, documented in [url=http://forums.b2evolution.net/viewtopic.php?t=3764]the very first post in this thread[/url].
Whether you do that or not, keep your antispam list up to date!

I don't think you need to do anything with your .htaccess file to cut the bandwidth that spammers steal when they try to spam you.

Step one is ALWAYS to keep your antispam table up to date. Click the link on your 'Antispam' tab until it returns only one response.

Next, either click the ban symbol next to each 'top referer' on your 'Stats' tab, or install my antispam rechecker hack (available on my hackblog or through the plugins section - which is linked above). If you go with the 'click the ban symbol' method just do it for each nasty linker you find.

Third: A VERY QUICK AND EASY SOLUTION TO COMMENT SPAM is to rename your htsrv folder as whoo explained very clearly in [url=http://forums.b2evolution.net/viewtopic.php?t=3764this post[/url]. As whoo pointed out, and I'll repeat till the earth's orbit decays and we collapse into our burned out dead husk of a star, update your blacklist!!!

Finally, if you get a comment spam click the edit link in the email you get, then click the ban symbol. Add them to the database. Add another incident to the database. BAN THEM! DELETE THEM!

EdB wrote:

Step one is ALWAYS to keep your antispam table up to date. Click the link on your 'Antispam' tab until it returns only one response.

Ok I only did it once, I have that up to date now

EdB wrote:

Next, either click the ban symbol next to each 'top referer' on your 'Stats' tab, or install my antispam rechecker hack (available on my hackblog or through the plugins section - which is linked above). If you go with the 'click the ban symbol' method just do it for each nasty linker you find.

I spent 30 minutes banning from the stats and it is an endless job. The stats still say referrers 18546! Is there a shortcut? I read up on your antispam rechecker and did not understand what that was going to do.

EdB wrote:

Third: A VERY QUICK AND EASY SOLUTION TO COMMENT SPAM is to rename your htsrv folder as whoo explained very clearly in [url=http://forums.b2evolution.net/viewtopic.php?t=3764this post[/url]. As whoo pointed out, and I'll repeat till the earth's orbit decays and we collapse into our burned out dead husk of a star, update your blacklist!!!

Is there a cron job you can do to do the updates or do you have to make a mod?

EdB wrote:

Finally, if you get a comment spam click the edit link in the email you get, then click the ban symbol. Add them to the database. Add another incident to the database. BAN THEM! DELETE THEM!

I got that loud and clear. I had no idea a handful of comment spasm could cause so much mess.

Thanks everyone for the help so far.

Ian

Short answer: yes. Check http://forums.b2evolution.net/viewtopic.php?t=5062 and do the first part - it is a real bandwidth saver! Then visit Isaac Schlueter's web, linked in that thread. He's got the cron job stuff for an automated update getter he wrote.

Is there a shortcut?

Yes. Read on.

I read up on your antispam rechecker and did not understand what that was going to do.

Here's why you need the rechecker: When you update the blacklist, it doesn't actually remove any spam. It just prevents spam in the future. The rechecker compares the blacklist to all of your current comments and reflogs, and gets rid of any spam you already have. The spam you've been removing is probably already blocked by your blacklist. The recheck hack would make getting rid of it much faster.

Is there a cron job you can do to do the updates or do you have to make a mod?

It's a hack, but not a very difficult one. Read about it [url=http://isaacschlueter.com/blog/work/programming/automatic_antispam_update_cron/]here[/url]. You can combine that with the rechecker and make a cron job that updates the antispam list and rechecks to remove any existing spam. That's been the best soultion for me.

If it is spam referrers that are causing the problem and you only have a few people who read your blog, you could always do what I did - rename the blog and redirect or block anyone who comes looking for the old name.
I have had the greatest pleasure in seeing countless numbers of spammers being sent into oblivion!
It hasn't affected the people who come to my site to read the blog.

I also implemented Isaac's cron job solution for automatically updating the antispam, plus used some of the techniques in Whoo's thread. It's amazing how much bandwidth this has saved me!

The other thing to look out for though, in terms of bandwidth usage, is how much is being used by search bots. Googlebot has been misbehaving lately and if you search under googlebot and bandwidth you will find there are heaps of people now being forced to block Google until the bot settles down.

Implementing the [url=http://forums.b2evolution.net/viewtopic.php?p=23293#23293]BlockUntrustedVisitors()[/url] hack should also reduce your spam issues. Please notice updating the antispam blacklist alone does not change anything in your bandwith usage, since that list is only used to filter your hitlog entries, your blog pages are still displayed.

I took the website off line as I am very busy with real work. I will put it back up when I understand how to manage all of this better. I might wait untill the next release. I was thinking of importing everything into a new install but might just enter the 30 odd entries in by hand. I would loose the comments though.

Thanks for the help everyone.

I need some help with this rechecker.

The first step is to alter your antispam table to add a new field for checked or not. This is the code phpmyadmin showed me after I added the field.

ALTER TABLE `evo_antispam` ADD `aspm_checked` ENUM( 'needs', 'gotit' ) DEFAULT 'needs' NOT NULL

That is great but I do not know the steps to create the record. I go into myphpadmin and select the table and select add but I do not know how to fill the fields out. How do I convert the information above into what I need to enter into the field parameters?

I have just spent an hour manualy removing referers because I did not understant the above but it will take ages to do so I am giving it a go. I just don't have the experience.

Thanks.

Select your b2evo database, click on the SQL link, and paste in the code you're given, and you're good to go. The correct field will be created automagically, and you'll be lovely and spam free.

Ok thanks for that. Very easy.

No I followed the complete proceedure for the hack http://wonderwinds.com/hackblog.php/2005/02/07/antispam_recheck_tool_part3

and I get this.

Fatal error: Call to undefined function: list_antispam_short() in /home/username/public_html/admin/b2antispam.php on line 517

Line 514 to 518 show as

<?php
if( $show_full ) {
list_antiSpam();
} else {
list_antiSpam_short();
}

Again I am clueless, any help apreciated.

Edit: Deleted the hacks.php file and everything working ok. I have tried the hacks.php file several times to make sure it is ok. I restored the original b2antispam.php and it did not help. Something in the hacks.php is causeing problems no matter which version of b2antispam.php is in the folder.

If I have the hacks.php I also get this at the top of every page of my site which is the contents of hacks.php so I must be missing something in the file.

function list_antiSpam_short() { global $DB, $querycount, $tableantispam, $res_stats; $sql = "SELECT aspm_ID, aspm_string, aspm_source, aspm_checked FROM $tableantispam WHERE aspm_checked = 'needs' ORDER BY aspm_string ASC"; $res_stats = $DB->get_results( $sql, ARRAY_A ); }

Did you wrap the function in your hacks.php file in <?php at the start and ?> at the end?

Thanks Graham,
Someone who realises how nieve I am :D
That fixed it.
After this I will try and spamproof. This takes a long time. Thousands of entries because I ignored a few comment spams.
Also I had not realised you had to update multiple times to get the complete blacklist. I won't make that mistake again!

Thanks everyone for the hand holding and friendly assistance even when I did not read the extensive information on the forums.

I have learnt quite a lot in the last few days and apreciate it.

I invite you to read the following posts in order to reduce your bandwith and CPU usage:

• [url=http://b2evolution.net/man/2004/12/29/control_referer_spam_howto]How to control referer spam hits from search engines[/url] ([url=http://b2evolution.net]b2evolution[/url] documentation)

• [url=http://forums.b2evolution.net/viewtopic.php?t=5322]How to control referer spam hits from search engines[/url] ([url=http://b2evolution.net]b2evolution[/url] forum)

• [url=http://forums.b2evolution.net/viewtopic.php?t=5243]CPU Usage Reduction Suggestions: Antispam[/url] ([url=http://b2evolution.net]b2evolution[/url] forum)[/list:u]If your blog's most viewed pages include month or year summaries (some seach engines love to index them and suggest those links to their visitors while these are the biggest pages on your blog and they don't interest anyone...), try this hack:

[url=http://www.plack.net/index.php/2005/08/24/auto_search_in_b2evolution]Auto Search in b2evolution[/url][/list:u]also discussed here:
[url=http://forums.b2evolution.net/viewtopic.php?t=5309]Auto Search plugin[/url][/list:u]

kwa I have reduced bandwidth to almost nothing.

CPU useage does not seem to be a problem

I just find my stats Webalizer Web Stats are now no longer accurate as the site still seems to being hit. It seems once someone has your site targeted it is like email spam, it just seems to go on forever. I think the time I took to react to the problem compounded the severity of the problem. Is it likely I will ever get correct stats now I have plugged the holes with hacks?

Are newer releases of b2 going to address these issues as obviously a basic install of b2 is extremly vulnerable?

Thanks everyone.

A few weeks after removing the "disp=stats" links recommanded in [url=http://b2evolution.net/man/2004/12/29/control_referer_spam_howto]How to control referer spam hits from search engines[/url], once the main search engines updated their indexes, I've noticed most -- but not all -- of the referrer spam hits stopped... and moved to other pages.

Since one of the objectives looked for by spammers is to increase their search engines ranking, removing pages from search engines indexes makes spammers going elsewhere. It appears spammers use mainly [url=http://www.google.com]Google[/url] to update their databases of pages to spam. Your site will probably never dissapear from some spammers' databases, but spam should not increase as quickly as before...

With the recent decision to make all comments links rel="nofollow" by default in the Phoenix release (see [url=http://b2evolution.net/news/2005/09/26/rel_nofollow_spam_prevention]Post details: rel="nofollow" spam prevention[/url]), spammers might track other sites in the future...

I've seen some spammer Google searches aimed to insert my blogs to spammers databases. I believe looking for "b2evolution trackback comments" is not intended to read all of them...

[url=http://www.mrunix.net/webalizer/]Webalyzer[/url] does not seem to count all the hits. Spammer hits does not appear to be counted. [url=http://awstats.sourceforge.net/]AwStats[/url] counts more hits, even if both use the same [url=http://www.apache.org]Apache[/url] logs as input.

For now, about 30% of my blogs entry hits are identified as referrer spammers and redirected to a "please stop spamming me" page. My [url=http://b2evolution.net]b2evolution[/url] powered site displays about 100,000 pages a month. That makes a lot of spam!