[mdlug] The joys of site proprietorship - Update

[Ingles, Raymond]

> From: Ingles, Raymond

In the hopes that it might help save someone some time...

> Running the site for the Android app I wrote, it's been going fine for a few months.
> Now some stupid bot in Russia found it. It's not hacking anything, it's just hitting my site with fake "referer" tags, lots
> of different ones but 90% from the '.ru' domain.

Blocking based purely on the content of the "HTTP-REFERER" tag has helped a lot, but still a little more is getting through. So I've checked the logs and identified addresses that the spam is coming from. Then I added a section to my .htaccess file to block those IPs. That way even if they try to use a site name that my config doesn't block, they'll be caught anyway. For now, it looks like:

<Files *>
order deny,allow

# Russian/Ukrainian referer spam bots
deny from 12.107.188.30/32 37.115.112.88/20 46.118.125.84/22 46.119.119.29/32 82.193.99.33/32 92.126.212.224/32 92.249.127.111/32 109.120.157.179/32 134.249.49.231/16 178.137.90.83/21 195.242.218.133/32 217.69.133.0/24
</Files>

We'll see how effective this is, but I expect it to reduce the spam to a trickle. The odds of me blocking a legitimate customer from the Ukraine are pretty slim, but if I started getting hits from larger ISPs this approach might not work.

The contents of this e-mail are intended for the named addressee only. It contains information that may be confidential. Unless you are the named addressee or an authorized designee, you may not copy or use it, or disclose it to anyone else. If you received it in error please notify us immediately and then destroy it