Support » Plugin: BulletProof Security » Blocking comment spam

  • Resolved Bunzer

    (@bunzer)


    I installed BPS and it seems to be working well. Until today, when I noticed that a spam comment had a previously blocked IP.

    Everything else seems to be okay in that section – user agents are being blocked correctly. I added myself to the comment spam blacklist, and was able to post okay.

    I haven’t changed anything in that block, apart from adding a few more ranges (and myself). Any suggestions as to how to debug this problem?

    http://wordpress.org/extend/plugins/bulletproof-security/

Viewing 15 replies - 1 through 15 (of 24 total)
  • Plugin Author AITpro

    (@aitpro)

    Check your root .htaccess file to make sure the IP blocking htaccess code is actually in your root .htaccess file.

    With the additions of the new Custom Code text areas/text boxes you can now add (should add) all your IP blocking code to the…

    CUSTOM CODE BOTTOM HOTLINKING/FORBID COMMENT SPAMMERS/BLOCK BOTS/BLOCK IP/REDIRECT CODE: Add miscellaneous code here
    ONLY add valid htaccess code below or text commented out with a pound sign #

    …text area/text box, save your custom code, go to the Security Modes page, click the Create secure.htaccess File AutoMagic button and activate Root folder BulletProof Mode again.

    By adding all of your custom IP blocking code to this Custom Code text box you can continue to build it up/add to it since it is saved permanently and then repeat the steps above each time you edit your custom code.

    Plugin Author AITpro

    (@aitpro)

    For folks who have a BuddyPress site and are getting hit hard by comment spammers/comment spammer registrations like we once were – 1,500+ per day – the solutions in the link below now allow ONLY 1-2 comment spammer registrations per day.

    BuddyPress Spam Registration – BuddyPress Anti-Spam Registration

    Everything is in place. It’s what I have in the last block which seems to be the problem. I think the problem may be with my implementation of the Files/FilesMatch containers. Here is what it looks like (edited for brevity).

    <FilesMatch "^(wp-comments-post\.php)">
    Order Allow,Deny
    Deny from 46.119.35.
    Deny from 46.119.45.
    -etc-
    Allow from all
    </FilesMatch>

    BrowserMatch ^-?$ badrobot
    BrowserMatch Ahrefs badrobot
    -etc-
    <FilesMatch ".*">
    Order Allow,Deny
    Deny from env=badrobot
    Deny from 5.45.202.0/24
    -etc-
    Allow from all
    </FilesMatch>

    <FilesMatch "(robots\.txt|favicon\.ico|403\.php)">
    Order Allow,Deny
    Allow from all
    </FilesMatch>

    I removed the last section and the problem continued, so I’m guessing it’s the middle section which is cancelling out the first.

    I have done it this way because I wanted a neat way of issuing the BPS custom 403 even though access was denied (causing a double 403).

    Any alternative methods suggested would be greatly accepted, as I’m not great at this stuff.

    I think I got it working…

    <FilesMatch "(robots\.txt|403\.php)$">
    Order Allow,Deny
    Allow from all
    </FilesMatch>

    <FilesMatch "^(wp-comments-post\.php)">
    Order Allow,Deny
    Deny from 46.119.35.
    -etc-
    Allow from all
    </FilesMatch>

    BrowserMatch ^-?$ badrobot
    BrowserMatch Ahrefs badrobot
    -etc-
    Order Allow,Deny
    Deny from env=badrobot
    Deny from 5.45.202.0/24
    -etc-
    Allow from all

    Plugin Author AITpro

    (@aitpro)

    Search Engines need to access robots.txt and a 403.php template would need to be accessed by Browsers to process 403 errors. You can just delete that code because you are saying to allow access to everyone and not block them so it is the same thing as doing nothing.

    Without that bit of code, I was getting a default 403, rather than the custom page because trying to display the custom 403 gave another 403! 😀

    Plugin Author AITpro

    (@aitpro)

    ErrorDocument 403 is an htaccess redirect directive that should point to your 403.php template file. If that is not working correctly then something is interfering with that directive.

    Example of what you should see in your root .htaccess file:
    ErrorDocument 403 /wp-content/plugins/bulletproof-security/403.php

    points to the BPS 403.php template file.

    I saw that, and I fully understand what you’re saying.

    What I’m saying is that, by blocking an IP or user agent from the website, it is unable to display the 403.php you described, and the server issues a double 403 – i.e. it issues a custom 403 which is blocked causing another 403.

    I added the above code so that even a blocked computer could at least access robots.txt and the custom 403 page.

    Plugin Author AITpro

    (@aitpro)

    You should not have to use this code below so I do not understand what exactly is causing the problem/wrong on your particular site??? What happens when you comment out this code for testing?

    <FilesMatch "(robots\.txt|403\.php)$">
    Order Allow,Deny
    Allow from all
    </FilesMatch>

    Plugin Author AITpro

    (@aitpro)

    What is supposed to normally happen is this.

    All 403 Forbidden errors are redirected by the ErrorDocument directive when the 403 error occurs. This should only generate 1 403 error in your Security Log.

    It may be something I added to the last block. I haven’t got any more time this weekend, but I can have a go on Monday, to check.

    This with above code hidden…

    Forbidden

    You don’t have permission to access /yorkshire/cawood/ on this server.

    Additionally, a 403 Forbidden error was encountered while trying to use an ErrorDocument to handle the request.

    Plugin Author AITpro

    (@aitpro)

    Wow very strange. Did you click the AutoMagic buttons before activating BulletProof Modes?

    Plugin Author AITpro

    (@aitpro)

    Oh wait a minute this code does not look valid.

    <FilesMatch ".*">
    Order Allow,Deny
    Deny from env=badrobot
    Deny from 5.45.202.0/24
    -etc-
    Allow from all
    </FilesMatch>

    You actually need to do something like this.

    <FilesMatch "\.(php|js|css)$">
    Order Allow,Deny
    Deny from env=badrobot
    Deny from 5.45.202.0/24
    -etc-
    Allow from all
    </FilesMatch>

    Plugin Author AITpro

    (@aitpro)

    Also I have run into problems using CIDR IP blocking .0/24 and have found that just adding the dot (.) is more reliable across different hosts. And on some web hosts adding a CIDR causes 403 errors.

    Deny from 5.45.202.
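
Added example (not part of the thread and not BulletProof Security's own code): one way to lay out the rules discussed above so that a blocked client still receives the custom 403 page instead of the double 403. It reuses the addresses, user agents and ErrorDocument path quoted in the thread and goes beyond the thread by adding the Apache 2.4 `Require` equivalent; the `IfModule` split between the two syntaxes is an assumption about how the file would be deployed.

```apache
# Added example. Addresses, user agents and the 403.php path are the ones
# quoted in the thread; the IfModule split is an assumption.
ErrorDocument 403 /wp-content/plugins/bulletproof-security/403.php
BrowserMatch "^-?$" badrobot
BrowserMatch "Ahrefs" badrobot

# Apache 2.2 syntax (Order/Allow/Deny), as used in the thread.
<IfModule !mod_authz_core.c>
    # Site-wide block list, set outside any <FilesMatch>.
    Order Allow,Deny
    Allow from all
    Deny from env=badrobot
    Deny from 5.45.202.
    # Comment endpoint: a matching <FilesMatch> is applied after the bare
    # directives, so the site-wide denies are repeated rather than relied on.
    <FilesMatch "^wp-comments-post\.php$">
        Order Allow,Deny
        Allow from all
        Deny from env=badrobot
        Deny from 5.45.202.
        Deny from 46.119.35.
        Deny from 46.119.45.
    </FilesMatch>
    # Exemption: blocked clients can still fetch robots.txt and the
    # ErrorDocument target, so the custom 403 is served once.
    <FilesMatch "^(robots\.txt|403\.php)$">
        Order Allow,Deny
        Allow from all
    </FilesMatch>
</IfModule>

# Apache 2.4 equivalent (mod_authz_core); same three layers.
<IfModule mod_authz_core.c>
    <RequireAll>
        Require all granted
        Require not env badrobot
        Require not ip 5.45.202.0/24
    </RequireAll>
    <FilesMatch "^wp-comments-post\.php$">
        <RequireAll>
            Require all granted
            Require not env badrobot
            Require not ip 5.45.202.0/24 46.119.35 46.119.45
        </RequireAll>
    </FilesMatch>
    <FilesMatch "^(robots\.txt|403\.php)$">
        Require all granted
    </FilesMatch>
</IfModule>
```

In a .htaccess file the 2.2 directives need `AllowOverride Limit` and the 2.4 `Require` directives need `AllowOverride AuthConfig`.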

  • The topic ‘Blocking comment spam’ is closed to new replies.