I run a number of blogs and the amount of blog spam that was hitting my blogs everyday was becoming a real problem. It got so bad that I shut two of them down all together, and had to switch the rest to comment moderation. All the spam comments were automatic bots that were posting spam links day and night. I use a blog platform with a spammer blacklist (b2evolution), but even updating my blacklist of words daily wasn't giving me much relief.
How I stopped it:
I have a dedicated server. Desperate for a fix I read a bit about mod_security. At that point, I hadn't enabled mod_security on my server, and neither had the company I rent the managed server from.
Mod_security is an open source tool that can be used to detect and stop intrusions on your web applications. When you enable it, it won't do anything until you give it a set of rules to apply to your web server traffic. If you make the rules too strict, then you end up blocking legitimate interactions with your site visitors - like legitimate comments and form field submissions.
I used rules from Got Root : Welcome. You can read through the text of the rules here:
http://www.gotroot.com/downloads/ftp/mod_security/rules.conf
I had to play with some of them a bit, and had to turn a few of them off because they were preventing legitimate use. I watched my mod_security log through my WebHost Manager (WHM) on my server to see if it was blocking too much. There are rules to block known worms, excessive robots, injection code attacks and exploits.
I was skeptical at first, but I've had the mod_security and a large number of rules installed for a few months now. I have virtually eliminated ALL automatic spam comments on all of my blogs. The only spam comments I get now are ones that are manually typed in. It is a breath of fresh air to not wake up every morning to a mess of comments to delete or moderate.
If anyone has their own server and hasn't set up mod_security yet, I give it two thumbs up! If you want a copy of the rules I ended up using, PM me and I'll share.
How I stopped it:
I have a dedicated server. Desperate for a fix I read a bit about mod_security. At that point, I hadn't enabled mod_security on my server, and neither had the company I rent the managed server from.
Mod_security is an open source tool that can be used to detect and stop intrusions on your web applications. When you enable it, it won't do anything until you give it a set of rules to apply to your web server traffic. If you make the rules too strict, then you end up blocking legitimate interactions with your site visitors - like legitimate comments and form field submissions.
I used rules from Got Root : Welcome. You can read through the text of the rules here:
http://www.gotroot.com/downloads/ftp/mod_security/rules.conf
I had to play with some of them a bit, and had to turn a few of them off because they were preventing legitimate use. I watched my mod_security log through my WebHost Manager (WHM) on my server to see if it was blocking too much. There are rules to block known worms, excessive robots, injection code attacks and exploits.
I was skeptical at first, but I've had the mod_security and a large number of rules installed for a few months now. I have virtually eliminated ALL automatic spam comments on all of my blogs. The only spam comments I get now are ones that are manually typed in. It is a breath of fresh air to not wake up every morning to a mess of comments to delete or moderate.
If anyone has their own server and hasn't set up mod_security yet, I give it two thumbs up! If you want a copy of the rules I ended up using, PM me and I'll share.
