First - a quick question on blanket domain banning –
I seem to get referrer spam in bundles – like spammerpharm.tld, spammercancer.tld, spammergolf.tld…you get the picture.
I check, ban, and report these as they come, but new mutations keep appearing.
What is the syntax to just ban all sites that start with a certain set of words? Would I just locally blacklist ‘-spammer’, to use this hypothetical?
How exactly does that work – would it ban anything containing the term anywhere in the url, or would it ban only those starting with the term?
Second - I've noticed a few search inquiries that seem to be looking for a stats page using Google or other search engines. For example, a Google search for 'inurl:disp=stats' showed up in my "recent searches" yesterday.
I was wondering if you could set up a robots.txt entry to prevent legit search engines from logging the stats page, which might lead some spammers to not find or target the blog.
I don't know jack about robots.txt files and don't know what portions of b2evolution to specify for not indexing - but am tossing the idea out just in case it could be another picket in the line against spammers.
On a general note – I put in the hack requiring users to login to leave comments, renamed the htsrv folder, and disabled trackbacks. With those mods my 0.9.0.12 installation has been spam free, except for the referrer spam.
TIA –
MCC
Upgrade to .9.1 - it doesn't have stats publicly available and greatly reduces the load on your server when a spammer who's in your blocked list hits your page.
So the thing with antispam is that it is a keyword list. If a keyword matches any part of the referer it'll ban it, meaning if you ban "dating" then ANYTHING with dating in the referer will be blocked. Don't use anything like wildcard characters - they don't work. In other words "*dating*" won't block anything because * will never be part of the referer.
Be careful though. Beginning with 1.6 b2evolution will scan comments for matches to your antispam list. That means a comment with the word "dating" will be rejected as a spammer.
Last thought: pay attention to what's hitting you and don't bother banning 100 different subdomains from the same domain: just ban the domain. Read the stickies at the top of this forum section to get a handle on how to best take advantage of the antispam system.
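The matching rule described in the reply above, as an added example that is not b2evolution's code or part of the original posts: it models the blacklist as a plain substring test so a keyword list can be audited for missed spam, collateral hits, and entries that can never match. The function names, the case-insensitive comparison, the naive two-label domain rule, and all sample data are assumptions constructed for illustration.

```python
from urllib.parse import urlsplit


def is_blocked(text, keywords):
    """Return the first keyword found anywhere in text, else None."""
    lowered = text.lower()  # assumption: matching ignores case
    for kw in keywords:
        if kw.lower() in lowered:  # plain substring test, no wildcard handling
            return kw
    return None


def audit(keywords, spam_referers, legit_texts):
    """Report missed spam, collateral hits, and keywords that match nothing."""
    missed = [r for r in spam_referers if not is_blocked(r, keywords)]
    collateral = {}
    for t in legit_texts:
        hit = is_blocked(t, keywords)
        if hit:
            collateral[t] = hit
    texts = spam_referers + legit_texts
    dead = [kw for kw in keywords if not any(kw.lower() in t.lower() for t in texts)]
    return missed, collateral, dead


def registered_domain(referer):
    """Last two host labels; assumption: no multi-part suffixes such as co.uk."""
    host = urlsplit(referer).hostname or ""
    return ".".join(host.split(".")[-2:])


# Constructed sample data (not taken from any real log).
SPAM = [
    "http://spammerpharm.tld/buy",
    "http://www.spammergolf.tld/",
    "http://a1.junkhost.tld/x",
    "http://b2.junkhost.tld/y",
]
LEGIT = [
    "http://example.tld/blog/antispammer-tips",
    "A comment about carbon dating of fossils",
]

if __name__ == "__main__":
    missed, collateral, dead = audit(["spammer", "*dating*", "junkhost.tld"], SPAM, LEGIT)
    print("missed spam:", missed)
    print("legitimate text that would be rejected:", collateral)
    print("keywords that never match:", dead)
    print("domains to ban once:", sorted({registered_domain(r) for r in SPAM}))
```

Running the audit against a sample of real referers and ordinary comment text before adding a short keyword shows how much legitimate traffic the keyword would also reject.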