WordPress › Support » New Plugin: Referrer Bouncer

angsuman
Member
Posted 4 years ago #

A Plugin to bounce back referrer spam attempts; requires no upfront configuration, no mod-rewrite. It is like the strong silent bouncer at your favorite club. Tested only on WordPress 1.5. Should work with earlier versions.

It redirects spammers back to their referring domains.

The Plugin doesn't require any manual configuration to operate as it comes pre-configured with known list of referrer domains and sub-domains.

However if you feel that you still need to add/modify additional domains/sub-domains/words etc. you can do so from the links provided in the Plugin page. It documents all the procedure with appropriate links.
PirateKing
Member
Posted 4 years ago #

Just want to say, it works great. With spam-karma blocking the comments and trackbacks, this was the missing piece that annoyed me everytime I looked at my referrals. I was using .htaccess redirecting everything back to 127.0.0.1, but this is much easier to manage.
Thanks!
georgianlady
Member
Posted 4 years ago #

How does this differ from the no-refer-spam.php hack? I am using that and adding referrers to it nearly every day. I see in your plugin it has pulled that original list ... hence my asking since I am using said hack and using it centrally with more than one site so that I only have to add a code to one spot on a page for each weblog to pull from that one list. So how is your plugin more useful, please pardon my forwardness, for helping bounce out spammers without ever updating it or thinking about it, since I do use no-refer-spam.php hack and have to add to it or get hit with ugly spam again again from them. It's blacklisted, but still annoying to get it at all. I see it easily since I have ColdForged's editcomments plugin installed.

Once I add someone to the no-refer-spam.php hack they don't post comments, etc. anymore, but have to reinvent themselves. They do just that. So it's my interest to bounce them high and far away ... never to return.

Not possible for sure, but since they plague just one of my installs, it's quite apparent I need heavy duty battlegear and can't not monitor the battlelines for more than overnight.
macmanx
Member
Posted 4 years ago #

The difference is:

"I saw few scripts, never a real WordPress Plugin which does the job without requiring you to configure anything or without requiring manual modification of core files." ~ The Plugin Developer
georgianlady
Member
Posted 4 years ago #

But then it has to be installed on each blog and won't work on non-wp pages ... but otherwise, does this plugin, "boucer" and "no-refer-spam.php" work the same to bounce bad referrers back ...?

Also, I have had several .buy-2005.com spammer things on my site today. Many different words before ".buy-2005.com"as referrers. They keep posting even though I have "buy-2005.com" in my "no-refer-spam.php" file properly. I tried it with a "." before and also just "buy" and they still get through. Other things I've entered have stopped showing up in the referer logs and also haven't posted any spam comments, of course.

These spammers all are the same "online pharmacy" with various IP's all being reused off and on, but nothing keeps them bounced out ... so I see no use in using the plugin like this, if it won't even keep this dumb spammer out.

This spammer loads a page, submits a comment and the page reloads, just like a real person is commenting. So it's a person doing it, not a BOT, right? I think it's just someone being extremely annoying on purpose. It's all gotten worse for me since I put an online gambling link to wikipedia in my sidebar links under "spam junk". Lots of poker spam and an attack at wp-login and changing my password, now tons of online-pharmacy and other sexual content spam, all stuff that can't be stopped due to unique false referers or no referers at all ... just icky icky icky people out there I am so very sick of it all. So I'm just venting this off my chest here since it's related to this plugin being similar to no-refer-spam.php which has been so very kind and good to get lots of the old stuff from being able to access my site, but man alive it's just plain annoying that they have figured out how to bypass even that now.

VENT OVER. :)
macmanx
Member
Posted 4 years ago #

That's why I use a combination of Referrer Karma to alert me of bad referrers and setenv in .htaccess to block the bad referrers. They will never get around .htaccess.
angsuman
Member
Posted 4 years ago #

@georgianlady
As Macmanx has kindly pointed out the key difference is that the referrer bouncer plugin doesn't require manual changes and comes pre-configured for WordPress users. And that it is a plugin. So you don't have to insert it separately in index.php, wp-comments.php etc (to further illustrate the manual changes part). It takes care of them automatically. Yes I have made the plugin for WP community only. However it can be trivially modifed for any other Weblog/Website environment.

Other then that both does the same thing. It silently bounces back referrer's spammers without bothering you in the least. Additionally this plugin allows you to add/change the referrer list from a text file (not code) and features are provided to manage it from the admin pages.

However stopping referrer spammers doesn't stop all the spam.

There are spammers who doesn't use the referrer technique(or may be not in your list) but simply resorts to trackback or direct comment spamming. To prevent them you should use WordPress moderation and blacklist feature. However do not check the box wrt. stopping spam for open proxies(buggy impl.). Additionally if you need you can use HashCash plugin too which some users have commented to be useful. Personally my needs are met so far with a strong blacklist. Also I ensure that first time commenters are automatically moderated.

Hope that helps...
macmanx
Member
Posted 4 years ago #

In response to your warning, "Warning: Do not check the option to Blacklist comments from open and insecure proxies. Using this option nuked valid comments on my site for 20 days or so. However it can be fully recovered," one of very few. Most of us, including WP's lead developer, use that option and have had no problems with it. This is probably an isolated issue. Have you reported it to the bug tracker yet?

Now, if you want some good spam control, use Spam Karma and a stronger blacklist (not for children).

More info: http://codex.wordpress.org/Combating_Comment_Spam
georgianlady
Member
Posted 4 years ago #

I have a zillion things in every spot to get the spammers ... so I'm only Q'ing if this plugin is more helpful than the hack I already have. It doesn't seem it is :) I have no problem with adding a little require code in just a page on each blog.

It does seem the spam I'm getting now is just painfully faked referrers and directly going to my blog and posting comments.

I installed HashCash last night. Overnight I see in referrers that many attempts from similar "*.buy-2005.com" referrers came, loaded a page, loaded comments-post.php ... but that was it, no more of them. No bad comments got through. But a legit firsttime comment from a blogfriend did post in moderation fine.

So I'm thankful for HashCash helping me through the night with nothing new, but still not liking this particular spammer taking resources.

I have whitelist and blacklist words in discussion options. I have cg-referrer, no-refer-spam.php, and I update all these things daily. I go over my referrers and add stuff into these places. I see referrer spam on other blogs and add that to mine immediately. It's just a fun game that isn't so fun when you can't wholy stop one of them for just a day ... If it wasn't such a big deal, I'd just delete my blog, but it's a big deal, so I won't. :)

My very own site has attracked the nasty words that I have in my blacklist and no-refer-spam list, it ain't for children, they are worse than that "stronger blacklist" I dare say. Those people seem to be gone now. I don't get them the past several days. Just this poker and online pharmacy junk that is probably connected, maybe not, but seems so to me.

I don't have lots of things installed, but feel like I do. I do need to review and go over all the nice get-rid-of-spammy-trash tactics again. So maybe I'll take a look at this plugin version and see how it works out with my need to use something centralized to a degree ... just for more fun. :)
tom_raftery
Member
Posted 4 years ago #

Georgianlady,

I would second MacManX's advice to use your .htaccess file - I have found a combination of this, the blacklist and Referrer Karma mean that I no longer moderate my comments.

In the .htaccess, you can block by referrer, by http_via, by ip, etc. I have utilised several of these methods in my .htaccess file so that I am stopping not just the referrers but also the bots which submit most of this spam.

Finally this method doesn't stop people browsing with javascript turned off - something which Hashcash does unfortunately.

For more see my post on using no comment spam plugins
angsuman
Member
Posted 4 years ago #

@Macmanx I am not comfortable with SpamKarma. It has some dubious logic. For example when I tried posting to a WordPress Site (after following a trackback entry from my site), which had SpamKarma installed, it wouldn't allow me to post! On looking at the reasons I found that because I followed from a link (referrer) which had dashes (as generated by the post slug of my wordpress blog) it thinks I am a spammer! So I directly tried to load the page in another browser and tried posting a comment. It wouldn't allow me to do so because it thinks no real person directly comes to a post or can never bookmark a post and later comment on it! Additionally the comment contained a link which also had dashes. So spam karma trigerred happily. Finally the moderator/author had to let me in!

I do not want to use anything which throws nasty messages at valid commenters to the site. I respect the people (non-spammers) who tries to comment in my site.

As for the option to blacklist comments from open and insecure proxies I have tested it in two blogs of mine with identical results. It marks any comments as spam and silently removes them. It doesn't even allow me to comment on my blog while logged in!

Are you guys using the release version of Strayhorn aka WP 1.5?

I am pretty positive about the problem as I have rigorously tested to prove it beyond any doubt. In fact I got confirmation from others too in this forum. Search for blacklist.

I would definitely advise anyone not to mess with that option in Strayhorn release version.
georgianlady
Member
Posted 4 years ago #

About .htaccess:

some of us don't have that option, having a host whom is free (a friend) and that friend has not the time nor the ability to know how to make it work so that I can use .htaccess however I want. They are open to it, but since I don't have access to the server config I have no idea what they've done and it's a mess trying to make them understand, so ... I'm limited to what I can do with php and all that.

Other HOSTS don't have .htaccess also, it's not a worldwide feature on all hosting sites to allow it, so I understand.

I'm using Strayhorn 1.5. I have "open proxies" checked and all my real comments are fine. Only things marked as SPAM are real spam ... I have ColdForgeds editcomments plugin installed, so I can see all the spam junk easily in WP Admin edit comments screens, as well as page through all comments as I want.

As for my current setup, I have another referrer gatherer setup on my site too, on all my pages the last week or so, including WP. I wanted to see how it tracked things compared to cg-referrer and so with the only spam I'm getting now it's apparent it's one source. All with 'buy-2005.com" as a referring url, and the different refer-trackings that I have list them differently here and there as to their base domains.

By inputting any or all of those IPs in my no-refer-spam.php file, they repeatedly get in. Putting any form of "buy-2005.com" or the pharmacy and meds names in front of it as show up in referers, they get through and load pages. All comments were marked as spam, of course, due to blacklistings, before I installed WP-HashCash plugin last night. Since then, they still come in and load pages, they just can't post comments now. That's vast improvement, but this isn't a problem that can be solved with blocking IP's with PHP, and since .htaccess isn't available that's not an option and since it doesn't block these IP's and Referrals I doubt they'd be blocked in .htaccess anyhow. They must be spoofed things, differently than these methods can handle. Previous times all the spam I got I have logged into no-refer-spam.php in the smallest way I could to see if it'd stop that type of spam, and it did in all cases, until "viagra-online.buy-2005.com" has come in, and all the other pharmacy names that come in like that.

This seems like the most foolish spamming stuff anyhow, since the comments they left when they could still comment, previous to WP-hashcash ... didn't have any value other than trashing my comments with junk fake links to nowhere. They all flag as spam though due to the right words in blacklist.

Is there a different method then, in the plugin this thread is about, that is similar to no-refer-spam.php, of course, that will BOUNCE this "buy-2005.com" idiot back to nowhere that they came from? I'm sick of "him" and at least I don't have to look at his dumb comments tagged as spam, since last night, but I want him out of my referers, he's clogging it up and that's more than bothersome ... it's resource hoggy and that's just plain mean. KWIM?

I know there's that kind of people out there, but it's sad if a big old bouncer can't bounce that dude out of the bar entirely. :(

Any way to bounce this multi-fake-domain-numbers and names online pharmacy freak with PHP?
macmanx
Member
Posted 4 years ago #

I am using the v1.5 release version and have no problems with the "Blacklist comments from open and insecure proxies" option.

As for Spam Karma false positives, if you have the latest version of Spam Karma, you can use Spam Nuker to recover any comments which are falsely deleted by Spam Karma (though I haven't had ay yet). http://www.chrisjdavis.org/2005/03/05/spam-nuker-151/

As for hosts not allowing .htaccess, I'd move to a different host.
davidchait
Member
Posted 4 years ago #

georgianlady:

I can show you where you can add things to the cg-blacklist file manually, or 'add' onto it later on so you can upgrade easily. very easy to stomp a domain out. cg-blacklist.php has an array at the top $ignoreReferSites, and you'll see the start of a list of domains and keywords. You want to be careful, so you don't accidentally block people out...

after the comment "// recent should be at the TOP...", you can add:
'buy-2005',

That will stop him in his tracks.

You CAN'T block by IP. These guys are jumping IPs, using proxies or zombies. You have to block them by domain. CG-Referrer catches them immediately once you add to the list. Start with the 1.5a6 release, as it's just prior to the buy-2005 guy, and has a lot more keyword catches that seems to stop > 75% of the new junk from a new domain until I get to it. Funny thing is I haven't gotten a spam COMMENT in a long time now, just pings on the referrer list.

If you are getting a TON of comment spam, AND have basically zero real comments coming in, I'd be happy to work with you to test out (and improved) CG-AntiSpam to try and catch these guys after they make it past CG-Referrer.

But, I'll admit, while I have a bunch of spam-checks that I don't know are necessarily in use in other plugins, I do know that SpamKarma (and ReferrerKarma) do have certain things over my CG equivalents...

The other thing I'm tossing around is a centralized spam-domain and spam-word service, that can be polled once a day to get auto-updated lists -- and a 'submission' system where you can click on a button/link in CG-Referrer or CG-AntiSpam to submit what you feel is new spam to be added to the central DB.

I also at one point talked to drdave about combining efforts, maybe rolling some of my Referrer/AntiSpam stuff into his Karma efforts, as more people focused on one set of plugins might result in better plugins for all... ;)

-d
georgianlady
Member
Posted 4 years ago #

Davidchait, I have your updated CG-powerpack in, have since you put it up :)

I am using no-refer-spam.php as a bounce-back and it seems to have worked for all the domains I've had spam from before that I wanted to knock out, but the "buy-2005.com" dude, it's not working at all to get rid of him.

So guess I'll just try and get that into the cg-blacklist and see if THAT will do it, but what would be the difference?

I am getting some legit comments and no more SPAM comments since I put WP-HashCash in place last night. So buy-2005.com is hitting me very often, but unable to complete comments to me since last nights hashcash install. With cg-referrer in place and utilizing no-refer-spam it seems they have both worked to get rid of all the other nasty spammers at least.

I have put IP's in since I've looked over the referers and see that they are reusing IP #'s often enough. It just seems that any other spammers that I've had, if they have anything I can enter as IP or domain, it bounces them away in the future. This guy nothing is bouncing him, just wp-hashcash is keeping him from commenting seems.

I am just psuedo-knowledgeable over all this and doing what seems to work, and having to step it up now it seems. This buy-2005.com guy is not doing the same thing as the others before him, at least it seems that way to me. :-0

Macmanx--- .htaccess is worth it, but not worth the price to move! I have several sites ... cost me nothing but domain price. I can live with no .htaccess, and have. I myself just need to learn what to teach the server owner to do to apache to let me use it.

Anyone else that is paying for a site and has no .htaccess, sure, move on! I agree it's worth it if you can find it in your pricerange. Free is in mine right now ;)
georgianlady
Member
Posted 4 years ago #

-----The other thing I'm tossing around is a centralized spam-domain and spam-word service, that can be polled once a day to get auto-updated lists -- and a 'submission' system where you can click on a button/link in CG-Referrer or CG-AntiSpam to submit what you feel is new spam to be added to the central DB.------

Thumbs up to all that!

-----I also at one point talked to drdave about combining efforts, maybe rolling some of my Referrer/AntiSpam stuff into his Karma efforts, as more people focused on one set of plugins might result in better plugins for all... ;)-----

I'm toying with what to do next and if I should try to add some more on, to get rid of something and add something more to go with cg-referrer ... so future collaboration sounds like a mighty nice tool to weild could be created!
georgianlady
Member
Posted 4 years ago #

Note: I just added buy-2005.com to cg-blacklist.php ... but also noticed that the last time a referrer came from that today was a few hours ago ... so time will tell. It wasn't adding "buy-2005.com" to cg-blacklist.php since I literally just did that 5 minutes ago and it's been since mid-afternoon here on the east coast that I haven't had a referrer logged from one of them -- it was around 2pm the last one showed up. We shall see what happens over night ... maybe they got worn out hitting my site and having whatever happens with wp-hashcash? I don't know what it does to them. But who cares, if they go away ;)
georgianlady
Member
Posted 4 years ago #

Hey, back it came, with a reinvent ... still couldn't post a comment though they tried ... but here's the new referrers ... nifty smarties, ain't they ;)

buy-2005-top.com
buy-2005-top.com
prozac-nation.buy-2005-top.com mexican-pharmacies-online.buy-2005-top.com
macmanx
Member
Posted 4 years ago #

I've used .htaccess to block any referrer with buy-2005 in the domain. Perhaps there is a similar method with CG-Referrer?
georgianlady
Member
Posted 4 years ago #

that's what I have in there now. "buy-2005" but they'll just add something more into it to defeat that next go-round ... that's all they are doing, they are all totally fake referrers.

"buy-2005" in no-refer-spam.php hack didn't bounce them out, btw, which is the whole reason I was here on this thread in the first place, trying to figure out if the bouncer plugin this thread started as was any different than no-refer-spam.php in how it works, besides being plugin vs. hack. Since it was said it wouldn't be different I saw no sense to use it instead, since hack was in plac e and working fine to keep others out, but not keeping buy-2005 out no matter what.

buy-2005-top.com could next be

buy-me-2005-me-top-me.com or any other weird configuration that they'll figure out to get around it. ;)

In any case, all the titles used are getting longer and longer and sillier and sillier, IMO.

I had 10 "first" hits in an hour and a half, during dinner time here. Nothing before that since earlier afternoon as I said before. It took all that time to come up with -top I guess. I put ".com" on the back of the cg-blacklist.php entry I put in before. I wouldn't have if I had been thinking more clearly, it's like that now though ;)
angsuman
Member
Posted 4 years ago #

I started having those buy-2005 ads too. Now I just added buy-2005 to my list. Last 24 hours I didn't get any of their spam.
angsuman
Member
Posted 4 years ago #

@Macmanx It appears the problem with open proxies is happening to some people only. I will take a look at the code to see what could be causing this. Any ideas?
davidchait
Member
Posted 4 years ago #

CG-Referrer will block the domains matching the blacklist, without needing htaccess modifications. I dislike touching htaccess if I don't have to... ;) I don't know what no-refer-spam.php does, might be duplicating CG-Referrer functionality. Also, if no-refer-spam runs BEFORE CG-Referrer, obviously my logs won't show anything.. ;)

yes, if you do just "buy-2005" you'd be okay.

Note that these AREN'T 'fake referrers', in the sense that they are actual registered domain names.

We should be able to stem 99% of spam, and at some point somebody HAS to take this on from the new anti spam laws and get these people fined and shut down. :)

-d
angsuman
Member
Posted 4 years ago #

@georgianlady I am not sure why having buy-2005 is not stopping your spam. The two possible reasons are that the script you use does an exact match or you made a typo.
In my case I got rid of the spams immediately after adding the phrase to the list. You can look at my current list http://blog.taragana.com/wp-content/referer.txt
Feel free to copy it for your use.
I don't use HashCash or any other means other then those described above. I seem to be doing fine.
angsuman
Member
Posted 4 years ago #

New version of Referrer Bouncer plugin released.

Topic Closed

This topic has been closed to new replies.

WordPress.org

Forums

New Plugin: Referrer Bouncer - A Plugin to bounce referrer spam (25 posts)

Topic Closed

About this Topic

Tags

Code is Poetry