I’ve had a minor modification to my Spammer TarPit plugin in place here for a couple of weeks, but I’m just now getting around to updating it for public consumption. New in version 1.3: the plugin will now emit an HTTP 403 “Forbidden” status code, and the content-type is set to “text/plain”. There’s little hope that a spammer bot will actually recognize and respect the 403 status code, but at least it’s proper semantics on the part of the plugin.
you might be able to clean up the regex with something like:
"/^([0-9]{1,3}\.){2}([0-9]{1,3}\.?){1,2}$”/That way, the last quad can be dropped for spammers that are working a subnet.
However, you would run the risk of blocking innocent bystanders who are in the same subnet.
The tarpit shouldn’t be considered a first line of defense in blocking spam. I find that far more of the spam targeted at my site is blocked by the normal moderation checks than by my tarpit. The tarpit is mainly useful for cases like I was seeing a week or two ago, when an automated program is sending spam after spam after spam from the same address.
I’ve seen hundreds of spams sent to moderation over the past few days, but only 4 hits have triggered the tarpit.
Death to All Comment Spammers
I am now trying Dougal’s Tarpit plugin to see if I can discourage the video gambling spammer who is flooding my comments.
away (aint the blogosphere and its wonders great?) and has put my fears to rest. I’ve reenabled the plugin, and I’ll just have to stick it to the spammers. Gerrr! Thanks Dougal for your support and your wonderful plugin! Update 2: Spammer TarPit Version 1.3 has been released, which makes semantic 403 Forbidden errors. Great work, again. I don’t know if Dougal’s Spammer TarPit is just going slightly overboard on my weblog. Since the 11th of October (that
and if i want to ban a subnet, like 82.55.x.x-82.59.x.x how i do?
[...] Il secondo livello è formato da una versione modificata di SpamTarPit con un meccanismo d’una astuzia letale: interroga in continuo un rpc che lista gli open proxy e se un ip che ha visitato il blog "Match" ossia combacia, lo aggiunge nella blacklist. Questo ha uno svantaggio, per un po’ si è dentro il blog, ma non dura: entro 5/10 minuti l’indirizzo ip è out, quindi è anche difficile lasciare un messaggio, dato che la gestione di essi è affidata ad un sistema a doppia validazione ed infine, il terzo livello è Spam Karma II: l’ideale presidio se per caso le prime due difese siano varcate. Quindi spiacevoli episodi a base di cassamortari e minacce non dovrebbero presentarsi. [...]
Hi there, I just downloaded and installed your plugin since I also am a target for the damn crap bots. My Q ( ignorant and stupid as it might be )is how/where do I add the ip’s I want to block? How is it supposed to look like when I add them?
Thanks for your time
/Michael
TarPit…
I don’t know if it was due to Dougal’s TarPit plugin, but the comment spammer seems to have gone away for now. He is not missed.
……
Dougal, what happened to the code for your tarpit plugin? I go to http://dougal.gunters.org/blog/2004/08/25/spammer-tar-pit, and then from thereon, to http://dougal.gunters.org/tarpit.txt|phps, but guess what, “Apologies, but we were unable to find what you were looking for. Perhaps searching will help.” …