[Moin-user] Snake eats spam!

Gnarlodious gnarlodious at gmail.com
Wed Sep 30 20:41:00 EDT 2009 

I am pleased to report only one spamming instance since implementing
this filter, and it was in Russian. My blocked IP list has collected
110 computers in 17 days. Real happy about this mod, especially since
they only get one chance to spam. Subsequent spam attempts are blocked
by Apache. If you are having spam attacks from the PageComment2 macro,
consider it as a solution (and perhaps improve it).

-- Gnarlie


On 9/12/09, Gnarlodious <gnarlodious at gmail.com> wrote:
> I am proud to say I have solved my spamming problem with a little Moin
> hacking, my first hack! (Python is so cool)
>
> This mod to PageComment2.py block spammers at the Apache .htaccess
> file. The page stops writing and displays no comments. Subsequent POST
> operations are redirected to an ugly offsite error page. No logging is
> done in Moin, but the .htaccess file acts as a log.
> NOTE: Excessively long rewrite lists can slow down your server. Trim
> the list from the bottom periodically.
>
> Starting at line 255:
>
> if not missingfields:
>     # check input
>     import os, fileinput
>     badWords=['preteen', ...etc]
>     for badWord in badWords:
>         if comtext.find(badWord)!=-1:
>             for line in
> fileinput.input('/Library/WebServer/WikiFarm/.htaccess', inplace=1): #
> OSX path
>                 print line[:-1]
>                 if line.startswith("RewriteCond %{REQUEST_METHOD} POST"):
>                     print "RewriteCond %%{REMOTE_ADDR} ^%s [OR]" %
> os.environ.get('REMOTE_ADDR').replace(".", "\.")
>             return ""
>
>
> To set this up, your .htaccess file needs to be redirecting. Use text like
> this:
>
> # Block page vandals
> # Addresses are written by script
> /Library/WebServer/WikiFarm/plugin/macro/PageComment2.py line 269
> RewriteCond %{REQUEST_METHOD} POST
> RewriteCond %{REMOTE_ADDR} ^222
> RewriteRule .* http://etc.Gnarlodious.com/Support_Files/BlockedAddress.htm
> [L]
>
> IP addresses to be blocked will be written after the line
> RewriteCond %{REQUEST_METHOD} POST
>
> The great thing about this method is that they can't experiment for
> which words need to be erased since their IP address is blocked from
> saving any files. My battle with these spammers has taught me that it
> is a virus that turns an infected computer into a proxy for this spam.
> There is probably a better way to block using CAPTCHA but its not
> working for me. I think the PageComment2 macro is a little old for
> this spam offensive I am warding off.
>
> -- Gnarlie
>

More information about the Moin-user mailing list