Yet another spam retaliation tactic using mod_rewrite

Observed: a large share (>80%) of bogus trackbacks are being POSTed with a user agent that is not one of the standard user agents used to generate trackbacks.

Resolved: capture these trackbacks with mod_rewrite under Apache and redirect them to the site apparently paying for the spamming in the first place.

    <Files "mt-tb.cgi">
        RewriteEngine On
        RewriteCond %{REQUEST_METHOD} ^POST$
        RewriteCond %{HTTP_USER_AGENT} ^USER-AGENT-STRING-1.*$ [NC,OR]
        RewriteCond %{HTTP_USER_AGENT} ^USER-AGENT-STRING-2.*$ [NC]
        RewriteRule .* http://spammer.example.com/?a-terse-message-to-the-spammer [R=307,L]
    </Files>

What this does (I hope) is:

  1. Filter only against mt-tb.cgi
  2. Check if POST is being used
  3. Check against a set of user-agents which we don't expect to be used to POST trackbacks
  4. Redirect the traffic elsewhere
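Before enabling a rule like this, it helps to replay its first three steps over an existing access log and see which trackback POSTs it would catch and which it would leave alone. The script below is an added example, not code from the original post; it assumes Apache's combined log format, approximates the `<Files>` match by looking for an `mt-tb.cgi` path segment, and runs on constructed sample lines with the post's placeholder user-agent patterns.

```python
import re
from collections import Counter

# Apache "combined" log format; only the fields the rule looks at are captured.
LOG_RE = re.compile(
    r'^\S+ \S+ \S+ \[[^\]]+\] "(?P<method>[A-Z]+) (?P<path>\S+)[^"]*" '
    r'\d{3} \S+ "[^"]*" "(?P<ua>[^"]*)"$'
)
# Placeholder patterns copied from the rule above; [NC] becomes IGNORECASE.
UA_RES = [re.compile(p, re.IGNORECASE)
          for p in (r"^USER-AGENT-STRING-1.*$", r"^USER-AGENT-STRING-2.*$")]

def is_trackback_post(method, path):
    """Steps 1-2: request targets mt-tb.cgi (with or without path info) via POST.
    Assumption: a URL path segment named mt-tb.cgi stands in for the <Files> match."""
    segments = path.split("?", 1)[0].split("/")
    return method == "POST" and "mt-tb.cgi" in segments

def ua_flagged(ua):
    """Step 3: the two user-agent RewriteCond lines are joined by [OR]."""
    return any(r.search(ua) for r in UA_RES)

def audit(lines):
    """Count trackback POSTs per user agent: (would match the rule, left alone)."""
    flagged, passed = Counter(), Counter()
    for line in lines:
        m = LOG_RE.match(line.strip())
        if m and is_trackback_post(m["method"], m["path"]):
            (flagged if ua_flagged(m["ua"]) else passed)[m["ua"]] += 1
    return flagged, passed

# Constructed sample lines (documentation IP ranges, made-up user agents).
SAMPLE_LOG = [
    '192.0.2.10 - - [01/Jan/2006:10:00:00 +0000] "POST /cgi-bin/mt/mt-tb.cgi/42 HTTP/1.1" 200 120 "-" "USER-AGENT-STRING-1/2.0"',
    '192.0.2.11 - - [01/Jan/2006:10:00:05 +0000] "POST /cgi-bin/mt/mt-tb.cgi/42 HTTP/1.0" 200 120 "-" "user-agent-string-2 (bot)"',
    '198.51.100.7 - - [01/Jan/2006:10:01:00 +0000] "POST /cgi-bin/mt/mt-tb.cgi/17 HTTP/1.1" 200 98 "-" "ExampleBlogTool/1.0"',
    '198.51.100.8 - - [01/Jan/2006:10:02:00 +0000] "GET /cgi-bin/mt/mt-tb.cgi/42 HTTP/1.1" 200 512 "-" "USER-AGENT-STRING-1/2.0"',
    '203.0.113.5 - - [01/Jan/2006:10:03:00 +0000] "POST /cgi-bin/mt/mt-comments.cgi HTTP/1.1" 200 300 "-" "USER-AGENT-STRING-1/2.0"',
]

if __name__ == "__main__":
    flagged, passed = audit(SAMPLE_LOG)
    total = sum(flagged.values()) + sum(passed.values())
    print(f"{sum(flagged.values())}/{total} trackback POSTs would match the rule")
    for ua, n in passed.most_common():
        print(f"not matched: {n:4d}  {ua}")
```

The user agents listed as not matched are the ones to review: legitimate trackback clients should appear only there, and any of them showing up in the matched set means a pattern is too broad.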


Copyright 2002–2011 Artific Consulting LLC.

Unless otherwise noted, content is licensed for reuse under the Creative Commons Attribution-ShareAlike 3.0 License. Please read and understand the license before repurposing content from this site.