Kicking out Web spammers with DNSBL
Every project has its story. Every war has its winner, and its casualties. They were 20 millions men, fighting for their freedom. And you'll never know their story. Because during last week, I was l
Every project has its story. Every war has its winner, and its casualties. They were 20 millions men, fighting for their freedom.
And you’ll never know their story.
Because during last week, I was looking why my Web server was so heavily loaded. And I discovered that my blog was attacked by spammers trying to post comments. They were stopped by a great plug-in named spamplemousse, which use spam keywords and DNSBL to drop spam comments. However, this plug-in is written in PHP, like the rest of my blog, so it loads Apache and MySQL in a way that is no more acceptable: the page have still to be rendered for this !@#$ spammers.
Consequently, I decided to write a Apache 2.x module which will just drop a 403 Forbidden error page in the spammers’ head using DNSBL servers. Here it is, and it is called mod_defensible.
I’m using it since 3 days now, and I got some pretty interesting result and less load on my Web server, so c’est tout bon.
Related posts
Handling multipart/form-data natively in Python
RFC7578 (who obsoletes RFC2388) defines the multipart/form-data type that is usually transported over HTTP when users submit forms on your Web page.
Read more →mod_defensible 1.5 released
Apache 2.4 being out, I noticed that my good old mod defensible did not compile anymore.
Read more →