I have sucessfully prevented spammer from commenting on my website by simply requiring the user to be logged in to comment. So I am o.k. with this... I also turned off the trackback options to prevent them from leaving trackback infor.
But recently I have noticed a huge serge in what appears to be spam bots trolling around my site attempting to leave trackbacks and comments anyways.
Most days my blogging stats show about 10,000-13,000 views (or about 10 to 20 times what Site Meter shows) - more alarming is that my awstats is showing abourt 3000 unique visits with over 20,000 page views. (again about 3 or 4 times the visits and about 20 times the page views that Site Meter shows). From looking at the 'last visitor' stats I can see them going to old posts then to a comment then to another old post then to another comment, etc... sometimes going to a track back, etc... usually about 6-12 pages before they go away...
This is not causing any real harm in terms of spam 'showing' on my site... but the 20,000 page views a day seem to be causing me some bandwidth issues.
I just upgraded to the 9.2.0 and have my blacklist up to date... I don't know how much either is helping.
I have thought about simply moving my entire blog from the index to a folder and redirecting my index to that folder... but I guess I see that as only a short term solution... if one at all?
any other suggestions to prevent this?
General Support
b2evolution CMS Support Forums
yes, stop them at the "door" using mod_security or mod_rewrite, or similar. In fact, anything that can push them away before they load a page will signifigantly decrease your bw.
Ive covered using mod_rewrite extensively here- Ive no doubt you stumbled upon the thread. Theres also a newer mod_access thread that I started.
If you can narrow down offending IPs, its not all that hard to block them by IP ranges in your .htaccess. It does take a little time, and it can be a pain to go through logs, but it CAN be done.
All of the above assumes youre site is powered by Apache. I cannot and wont even begin to provide solutions to sites that have the misfortune of being hosted on Win/IIS boxes.