On Tue, 2009-10-20 at 14:31 -0400, Gary wrote:
> I have several sites that are getting hit with form spam. I have the script
> set up to capture the IP address so I know from where they come. I found a
> short script that is supposed to stop these IP addresses from accessing the
> form page, it redirects the spammer to another page (I was going to redirect
> to a page that has lots of pop-ups, scantily clad men and offers of joy
> beyond imagination), but someone suggested I redirect to the Federal Trade
> Commission or perhpas the FBI.
>
> Any thoughts on the script and its effectivness?
>
> <?php
> $deny = array("111.111.111", "222.222.222", "333.333.333");
> if (in_array ($_SERVER['REMOTE_ADDR'], $deny)) {
> header("location: http://www.google.com/";);
> exit();
> } ?>Gary
>
>
>
> __________ Information from ESET Smart Security, version of virus signature database 4526 (20091020) __________
>
> The message was checked by ESET Smart Security.
>
> http://www.eset.com
>
>
>
>
>
A few things immediately spring to mind:
How are you being hit? Is it through an automated process (bot) on your
form, or a real person?
If you are being hit from bots, is it from a zombie network or a few
machines?
If you are being hit by bots from a zombie, then this solution won't
work well, as the list of IP addresses you'll have will be huge, and
will potentially include many of your real visitors who didn't realise
their computer was not their own any more.
If you are being hit by bots that are not part of a botnet, then
redirecting them to another page is essentially fruitless, as the bots
really don't care.
If you are being hit by humans, then are the IP addresses always going
to relate to those same persons, or are they part of a dynamic range
that and ISP serves out amongst all of its customers?
Thanks,
Ash
http://www.ashleysheridan.co.uk
