httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Ellison , John P">
Subject RE: [users@httpd] How to deny access based on user agent - help
Date Fri, 23 Jun 2006 18:41:20 GMT
> There is one particular spammer who I want to deny access to my web
> He is leaving comments & sending emails through the contact form which
> are full of p*rn site urls etc.
> He is spoofing his ip address so denying access on ip is out. The only
> thing consistent is the browser he uses. The string returned in the
> access log is "Mozilla/4.0 (compatible; MSIE 5.01; MSNIA; Windows 98)"
> and I thought I can deny access to the web site for this user agent as
> till now this guy is the only one visitor to my site using a browser
> returning this string.

Ok, sorry to drag this out, but I've got to ask... So, this spammer
happens to be using an old OS/browser, so blocking the traffic based on
browser works well.  The spammer could just as easily be using the
lastest version of IE on XP.  What's the real solution here?  I guess
the application should be doing some kind of filtering of the input
data, right?  How is the issue generally handled in the industry?  I
mean, there are a bunch of comment, customer service, type of pages on
websites.  Even blogs that allow content updates for webpages.  Is
spamming just a risk that you take when allowing web users to post data,
or is there software/filtering that is usually done?


The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:> for more info.
To unsubscribe, e-mail:
   "   from the digest:
For additional commands, e-mail:

View raw message