Starting the Fight Back

Thursday, August 11, 2005, at 01:33PM

By Eric Richardson

Today I launched my first salvo in the war against comment and referer spam. The situation had gotten ridiculous, especially over on blogdowntown, where I had seen 850 or so comment spams in about a week. Looking at stats had become similarly useless, since the visit numbers had ballooned 150% with the traffic. The attacks all come from different IP addresses, but today I realized that the websites they point to have to actually be hosted somewhere -- and it's a lot harder to find a hosting IP than it is to hijack some European desktop to do your spamming.

And so just now I'm putting in place a mod_perl handler that sits as early in the connection process as possible and singles out offending IP addresses based on their referers. It then blocks both the IP and the referer, and returns a 403 Forbidden error.

The beauty is that while I'm only actually filtering referer spam, I'm knocking out the bots that were doing the comment spam at the same time, since the bot is double-dipping. The IP continues to be blocked, even when it no longer has the referer.
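The decision logic described above, modelled in Python as an added example; it is not the author's mod_perl handler. It assumes a referer counts as offending when its hostname resolves to an IP on a list of known spam-hosting addresses, and the class name, resolver and sample data are hypothetical.

```python
from urllib.parse import urlsplit

# Constructed sample data: documentation-range IPs and .example hostnames.
DEMO_DNS = {
    "pills.example": ["192.0.2.10"],
    "cheap.example": ["192.0.2.10"],   # different spam domain, same hosting IP
    "news.example": ["198.51.100.20"],
}

def demo_resolve(host):
    """Offline stand-in for a DNS lookup; raises OSError like a failed lookup."""
    if host not in DEMO_DNS:
        raise OSError("no such host")
    return DEMO_DNS[host]

class RefererSpamFilter:
    def __init__(self, spam_hosting_ips, resolve):
        self.spam_hosting_ips = set(spam_hosting_ips)  # assumed list of spam-hosting IPs
        self.resolve = resolve                         # hostname -> list of IP strings
        self.blocked_clients = set()
        self.blocked_referer_hosts = set()

    def _referer_host(self, referer):
        try:
            return urlsplit(referer or "").hostname or ""
        except ValueError:          # malformed URL, e.g. an unclosed IPv6 bracket
            return ""

    def _is_spam_host(self, host):
        if host in self.blocked_referer_hosts:
            return True
        try:
            addrs = self.resolve(host)
        except OSError:             # unresolvable: fail open rather than block
            return False
        return any(a in self.spam_hosting_ips for a in addrs)

    def check(self, client_ip, referer):
        """Return the status to send: 403 to block, 200 to let the request continue."""
        if client_ip in self.blocked_clients:      # sticky: referer no longer matters
            return 403
        host = self._referer_host(referer)
        if host and self._is_spam_host(host):
            self.blocked_referer_hosts.add(host)
            self.blocked_clients.add(client_ip)
            return 403
        return 200
```

Blocks in this model never expire, so a hosting IP shared with legitimate sites or a client IP behind NAT stays blocked until the sets are cleared.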

Early testing has worked well. I don't think site responsiveness should be noticeably affected. We'll see if that holds true.