... > There is one particular spammer who I want to deny access to my web site. > > He is leaving comments & sending emails through the contact form which > are full of p*rn site urls etc. > > He is spoofing his ip address so denying access on ip is out. The only > thing consistent is the browser he uses. The string returned in the > access log is "Mozilla/4.0 (compatible; MSIE 5.01; MSNIA; Windows 98)" > and I thought I can deny access to the web site for this user agent as > till now this guy is the only one visitor to my site using a browser > returning this string. ... </lurk> Ok, sorry to drag this out, but I've got to ask... So, this spammer happens to be using an old OS/browser, so blocking the traffic based on browser works well. The spammer could just as easily be using the lastest version of IE on XP. What's the real solution here? I guess the application should be doing some kind of filtering of the input data, right? How is the issue generally handled in the industry? I mean, there are a bunch of comment, customer service, type of pages on websites. Even blogs that allow content updates for webpages. Is spamming just a risk that you take when allowing web users to post data, or is there software/filtering that is usually done? Thanks, JP <lurk> --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|