
1 Dec 12, 2005 12:13    

I set my blog so referrers don't show, did all the things that worked from this board, and realized that my url was out in the wild and nothing was stopping the spam attempts. Didn't matter that they were unsuccessful because the spam bots just kept on trying and using my bandwidth up in the process.
The worst part about it was that my blog is designed to only be accessed from the menu on my site and I didn't need to drive traffic to it. So, a radical change was in order.

First thing I did was I changed the directory from http://mydomain.com/blog/ to http://mydomain.com/otherblog/. Then I used .htaccess to block direct access to http://mydomain.com/otherblog/ from anything other than the menu on my site.

I created a redirect for all traffic coming to my old blog and sent them into the wilderness (yes, I know some legitimate traffic may have been caught, but legitimate visitors for that particular site would and did come back to the site to use the menu link). I left it like that for over 6 months, thinking that this was long enough for referrer/spam bots to get the message and give up.

Didn't work. After 6 months I removed the redirect and was hit almost immediately by massive and repeated hits on the old blog.

So, I created a directory with the same name as the old blog.
I put an .htaccess file in it, with the following directives:


RewriteEngine On
RewriteCond %{HTTP_REFERER} .
RewriteCond %{HTTP_REFERER} !(mydomain\.com) [NC]
RewriteRule ^(.*)$ %{HTTP_REFERER} [R=301,L]

This results in all spam hits on that directory being sent back as a permanent redirect to the referrer.

Some spammers have come back repeatedly, but they are getting the message and visits have dropped away.

Interestingly, with the measures I put in place from the posts here, I have not had any problems at all with the real blog in the 7 months since I made these changes - the only problems I have had are with spammers trying to find the old url.
I've never had stats displayed, never allowed referrers and never had trackbacks, so theoretically, I should not have had the massive hits with spammers that I did.

So, for anyone who is not worried about losing trackbacks or losing search engine links to your blog, but who is getting fed up with spammers, I can recommend doing what I did. Apart from anything else, there is a great sense of satisfaction in seeing my bandwidth safe and logs showing masses of 301's back to spammers ;)
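
The directives in the post above, modelled as an added example (not part of the original post and not b2evolution code): it evaluates the two conditions over constructed Referer values and contrasts them with a variant that compares the referrer's host. The function names, the variant and the sample values are assumptions introduced here.

```python
import re
from urllib.parse import urlsplit

SITE = "mydomain.com"  # placeholder domain used in the post

def posted_rule(referer):
    """Model of the posted directives: return the 301 target, or None if no rewrite."""
    if not referer:                                 # RewriteCond %{HTTP_REFERER} .
        return None
    if re.search(r"mydomain\.com", referer, re.I):  # RewriteCond ... !(mydomain\.com) [NC]
        return None                                 # unanchored: matches anywhere in the header
    return referer                                  # RewriteRule ^(.*)$ %{HTTP_REFERER} [R=301,L]

# Added variant (assumption, not from the post): test the referrer's host, not the
# whole header. Roughly this condition in .htaccess form:
#   RewriteCond %{HTTP_REFERER} !^https?://([a-z0-9-]+\.)*mydomain\.com(:[0-9]+)?(/|$) [NC]
def host_checked_rule(referer):
    if not referer:
        return None
    try:
        host = (urlsplit(referer).hostname or "").lower()
    except ValueError:                              # malformed URL: treat as foreign
        host = ""
    if host == SITE or host.endswith("." + SITE):
        return None
    return referer

# Constructed Referer values (not taken from real logs).
SAMPLES = [
    "",                                         # no Referer header sent
    "http://mydomain.com/menu.html",            # the site's own menu
    "http://www.MyDomain.com/",                 # same site, different case
    "http://pills.example/buy",                 # foreign referrer
    "http://pills.example/?ref=mydomain.com",   # site name in the query string
    "http://mydomain.com.pills.example/",       # site name as a host prefix
]

def compare(samples=SAMPLES):
    """Return (referer, posted result, host-checked result) for each sample."""
    return [(r, posted_rule(r), host_checked_rule(r)) for r in samples]

if __name__ == "__main__":
    for referer, posted, checked in compare():
        print(f"{referer!r:45} posted={posted!r:45} host_checked={checked!r}")
```

Requests with no Referer header, or with the site's name anywhere in the header, are not bounced by the posted conditions; only the host-compared variant limits the exemption to the site's own pages.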

2 Dec 14, 2005 06:27

Elpie,

Did you try implementing Isaac's spam-bouncer script? It's available in this thread:
http://forums.b2evolution.net/viewtopic.php?t=4512

That, in conjunction with the antispam-update-and-rechecker scripts available on EdB's blog...

version for pre-Dawn:
http://wonderwinds.com/hackblog.php/2005/02/07/antispam_recheck_tool_part3

version for Dawn:
http://wonderwinds.com/hackblog.php/2005/09/18/antispam_rechecking_dawn

has dropped my referral spam bandwidth to almost nothing, and the amount of spammers that actually get through now are extremely rare. I went from approx 120Mb of referral bandwidth per day to a more reasonable 15Mb or so of legit traffic...

The rechecker works best when you throw it into a cron-job. Might want to try it out and avoid the "only one way in" technique, though it sounds like it's working for you...

jj.

3 Dec 15, 2005 11:36

Yep, had all that and was running the update via a cron job. While it reduced spam on the old blog, there was still enough coming through to put my bandwidth in jeopardy. Those scripts, plus hiding my blog from search engines, have prevented (so far) the "new" blog from getting hit, but I guess the old location was somehow "out there".

While the spammers couldn't access disp_stats or enter comment spam, that didn't seem to matter to them and some of them were hitting my blog hard and fast for repeated periods throughout the day. From the frontend no-one would have ever known I was being hammered, until the site slowed down, but my logs and bandwidth sure showed it. Now all my logs show are the redirects :)

