• Resolved saphod

    (@saphod)


    Hi,

    at the moment, I am trying to block certain (spambot) IPs via .htaccess, and I use the following:

    order allow,deny
    deny from ___.___.___.___
    deny from ___.___.___.___
    ...
    ...
    allow from all

    A post on Lorelle’s blog shows the use of the LIMIT directive, which would change the above to

    <Limit GET POST>
    order allow,deny
    deny from ___.___.___.___
    deny from ___.___.___.___
    ...
    ...
    allow from all
    </Limit>

    My question:
    What is the purpose of using the <LIMIT> directive?
    What difference does it make if I do NOT use <LIMIT>?

    Thanks!

Viewing 10 replies - 1 through 10 (of 10 total)
  • the limit directive limits the IP ban to GET requests and POST actions… so they won’t be able to comment but they will be able to access files.

    there’s no good reason to limit when IP banning.

    My experience with lorelle is that she’s not necessarily very technical. She’s more of an internet hunter/gatherer with a desire to share her findings. This is a good thing, but it doesn’t mean you should take her (or anyone else’s) posts as gospel.

    just to let you know… I’ve managed to halve the amount of spam on my blog by ip-banning the major repeat-offenders. It is effective, but it’s not super-effective and you have to keep an eye on it.
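Added example, not part of any post in this thread: a small Python model of Apache's documented `Order allow,deny` evaluation and `<Limit>` method scoping, applied to the two snippets in the question. The ban list uses constructed documentation-range addresses, and the function names and the "not restricted" label are this example's own; whether a request the ban does not cover actually succeeds depends on the rest of the server configuration.

```python
import ipaddress

# Constructed ban list (RFC 5737 documentation addresses), standing in for
# the "deny from ___.___.___.___" lines in the question.
BANNED = ["203.0.113.7", "198.51.100.0/24"]


def is_banned(ip, banned=BANNED):
    """True if ip matches any 'deny from' entry (single address or CIDR)."""
    addr = ipaddress.ip_address(ip)
    return any(addr in ipaddress.ip_network(entry, strict=False) for entry in banned)


def limit_covers(method, limit):
    """Does a <Limit ...> section apply to this request method?

    limit=None models directives placed outside any <Limit> section, which
    apply to every method. Inside <Limit>, listing GET also restricts HEAD.
    """
    if limit is None:
        return True
    methods = {m.upper() for m in limit}
    if "GET" in methods:
        methods.add("HEAD")
    return method.upper() in methods


def decide(ip, method, limit=None):
    """Model 'order allow,deny' + 'deny from <ip>...' + 'allow from all'."""
    if not limit_covers(method, limit):
        return "not restricted"      # the ban is never evaluated for this method
    # allow,deny: Allow is checked first ('allow from all' matches everyone),
    # then Deny; a Deny match wins.
    return "403" if is_banned(ip) else "allowed"


def compare(ip, methods=("GET", "HEAD", "POST", "OPTIONS", "PUT", "DELETE")):
    """Rows of (method, result without <Limit>, result with <Limit GET POST>)."""
    return [(m, decide(ip, m), decide(ip, m, limit=("GET", "POST"))) for m in methods]


if __name__ == "__main__":
    for row in compare("203.0.113.7"):
        print("%-8s no-limit=%-8s limit=%s" % row)
```
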

    Thread Starter saphod

    (@saphod)

    Thanks, Ivovic!

    That shows me just what I supposed, meaning that I can go on NOT using the <LIMIT> directive.

    Well, I am not taking anyone’s post as gospel – otherwise, I wouldn’t have written this post, right? 😉 It’s just that you can get confused when you see people doing things differently: you ask yourself “What is the difference? Which solution should I take?”

    Until now, those spambots have not done too much harm on my site, but they are kind of affecting the stats – that’s why I wanna keep them outside.

    But you are right: after a certain period, you should delete the list of IPs and start from scratch – the internet is very vivid and changes all the time.

    Firestats is actually a nice plugin to help you keep track of spambots. In addition, I like to look up suspicious IPs on http://projecthoneypot.org

    yep, clarification is always a good thing… keep up the good fight, as they say.

    I’ve often thought about setting up an IP-banning merge/mirror facility, but the problem is you can’t trust users to exercise due diligence in clearing out the old IPs… so it’s too easy to end up with an enormous list of inactive IPs.

    perhaps akismet needs an extension to proactively IP ban the most popular spammers of the month.

    Thread Starter saphod

    (@saphod)

    Well, it’s not just about spam comments…
    I hate those spambots spidering my site at all. 🙂

    Just a question of a know-not-too-much, but doesn’t Bad Behavior take care of that (too)?

    Thread Starter saphod

    (@saphod)

    Well,

    a) I do not like these things to be handled automatically and
    b) it seems like BB creates some issues now and then as can be read here: http://wordpress.org/tags/bad-behavior

    Therefore, I have never installed it.

    As I said: I prefer to have an overview of what I am blocking, therefore I do it manually – sometimes checking against http://projecthoneypot.org , as I already mentioned.

    I’ve heard nothing but good things, but the contempt for users shown by this page really puts me off. http://www.bad-behavior.ioerror.us/documentation/how-it-works/

    spend 10 minutes and lay it out, or just stop calling yourself a programmer.

    Thread Starter saphod

    (@saphod)

    Yeah, seen that, too – that’s kind of lame…

    Ah, an old one which answers a question. Long live the search function.

    Speaking of which: what’s really lame is to reflexively shoot from the hip and ask a question upfront and firsthand to the author, expecting a personal firsthand reply, in blithe disregard of any meaningful effort to figure out if, perhaps, someone else inquired about the possible uses for those funny round things placed at the ends of axes underneath horse carts. Spending 10 minutes quickly becomes 10 hours, and much more, and that is simply past the point of reasonable endurance. Fortunately you haven’t seen the page after page full of whiny know-betters insisting that their friendly regular Google and MSN bots from China and the Russian Federation really shouldn’t have been blocked by that nasty bad plugin. Good riddance to those pages. As it is, collaborative, volunteer projects are two-way contracts: the author is available to reasonable requests, while the users provide useful feedback and minimize being unshaven and unwashed PITAs, like the pests that BB keeps out.

    Anyway.

    There’s a fundamental difference between using (what I call) a remote blacklist and a local blacklist: the former implies a request (as brief and fast as it is, akin to DNS queries) while the latter just plain smacks the door in the face upon sight. So, if you’re particularly hard hit by bots, a local blacklist probably is the better short-term solution. Then again, neither of the two is an adequate solution for DDoS script kiddos, when they’re hellbent on making their two-bit sentiment felt. Plus, another downside of a local blocklist: it should be regularly maintained, while a (remote) blacklist is usually very regularly updated.

    Besides, neither local nor remote blocklists will do you good against determined efforts aimed specifically at the site; it’s, just like BB and Akismet and Project Honeypot and others, a 99% solution, not a 100% one – obviously.

    Peace (and bot-pests) out.
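Added example, not part of any post in this thread: one way to keep a local blocklist from filling up with stale IPs, as several replies above warn, by regenerating the `.htaccess` block from a dated ban list. The 90-day window, the sample entries (documentation-range addresses) and all function names are assumptions of this example.

```python
import ipaddress
from datetime import date, timedelta

# Constructed sample log of bans: (address, date it was last seen misbehaving).
# Addresses are RFC 5737 documentation ranges, not real offenders.
SAMPLE_BANS = [
    ("203.0.113.7", date(2024, 1, 3)),
    ("198.51.100.23", date(2024, 3, 28)),
    ("203.0.113.7", date(2024, 3, 30)),   # seen again: refreshes the entry
    ("192.0.2.99", date(2023, 11, 12)),
    ("not-an-ip", date(2024, 3, 29)),     # malformed line, must not reach .htaccess
]


def active_bans(bans, today, max_age_days=90):
    """Return sorted addresses whose most recent sighting is within max_age_days."""
    latest = {}
    for raw, seen in bans:
        try:
            addr = ipaddress.ip_address(raw.strip())
        except ValueError:
            continue                       # skip anything that is not an address
        if addr not in latest or seen > latest[addr]:
            latest[addr] = seen
    cutoff = today - timedelta(days=max_age_days)
    return sorted((a for a, seen in latest.items() if seen >= cutoff), key=int)


def render_htaccess(bans, today, max_age_days=90):
    """Build the block from the question (Apache 2.2 syntax), without <Limit>."""
    lines = ["order allow,deny"]
    lines += ["deny from %s" % a for a in active_bans(bans, today, max_age_days)]
    lines.append("allow from all")
    return "\n".join(lines) + "\n"


if __name__ == "__main__":
    print(render_htaccess(SAMPLE_BANS, today=date(2024, 4, 1)))
```
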

  • The topic ‘IP Ban via .htaccess: <Limit GET POST> or not?’ is closed to new replies.