The problem

I have been getting a hell of a lot of spam from a certain IP address, I’m not one to point fingers, so I won’t tell you what it is *cough* 194.8.75.149 *cough*. And I’m talking about 4 or 5 spam comments an hour (which I know, on the grand scheme of things is nothing, but it’s quite over-whelming for a small time blogger like myself!). So either it’s a bot, or a person who has an extremely large supply of non-prescription drugs in his garage. Either way, I don’t want them posting spam comments on my blog. If it’s a bot, it won’t really care; if it’s a real person, f@*% you, if all you can do is post spam comments, then I don’t want you reading my blog anyway!

The solution

I’m simply going to use my great pal .htaccess to deny access to my site from the spamming IP. I realise that this is not a great solution, after all, it’s unlikely that you’ll be able to keep on-top of every single IP address of spammers, but it’s an insight into the principles, and a great way of getting rid of single troublesome IPs.

So here’s the code:

1
2
3

Order Allow,Deny
Deny from 194.8.75.149
Allow from all

Which is as easy to understand as it looks – just give it the IP you don’t want to have access to your site, and tell apache to deny access. This is actually remarkably powerful, you can use it to conditionally serve CSS for different browsers (based on browser string), stop image hot-linking, and much much more.

Dude, just use Akismet

Yeah, I know, you’re right, Akismet is awesome! If you don’t have it installed on your blog, you should. It checks a huge (and frequently updated) database to see if a new comment looks like spam, and if so, puts it into a spam queue. But I just like to keep on top of my spam queue and keep it empty. So getting rid of this troublesome IP will save me a bit of time and trouble :)

</rant>

Have you had similar spamming IP problems? What were the addresses. Go on, name and shame!

There are a lot of tutorials out there regarding apache’s very powerful mod_rewrite module. They always seem to offer every solution except the one which you want! Here is an example of a mod_rewrite script which I commonly use.

1
2
3
4
5
6
7
8
9
10

RewriteEngine on
 
# Directories which we allow the browser to see
RewriteCond %{REQUEST_URI} !^/css
RewriteCond %{REQUEST_URI} !^/js
RewriteCond %{REQUEST_URI} !^/uploads
 
# Redirect all other 'directories' to the main php page
# for it to work out what to do.
RewriteRule ^(.*)$  index.php?/$1 [L]

There are a few directories which I WANT the browser to be able to access, the images folder for example. There are a lot of directories I DON’T want the browser to be able to access, and this is where my solution comes into play.

A quick code run-through:

• Line 1 turns the module on
• Lines 4-6 are the directories which the user is allowed to access. In pseudo-code it would look something like this:
  IF (the url doesn’t start with /css AND the url doesn’t start with /js AND the url doesn’t start with /uploads)
  THEN do the url rewriting.The scary looking %{REQUEST_URI} is just an apache environment variable.
• Line 10 is the ‘interesting’ bit. The ^ means that the pattern starts at the beginning of the url, the $ means that the pattern finishes at the end of the url, and the .* means match any charactor any number of times. Because the .* is in parentheses, it is then stored in the variable $1. The next bit is easy, just tell apache where you want to redirect to, in this case /index.php?/whatever/the/url/was.

Another great thing about doing it this way is that it’s not easy to get a 404 error, apache just re-writes the url and passes it to index.php, which we know exists so if the worst comes to the worst, it can always just show the home page.

If you need a bit of bed-time reading, I recommend the apache documentation on mod_rewrite. There is a GREAT cheat sheet over at ilovejackdaniels.com (there are also some for PHP, Javascript and the like. Much recommended).