[Moin-user] Snake eats spam!

Sat, 12 Sep 2009 22:04:59 -0700 

I am proud to say I have solved my spamming problem with a little Moin
hacking, my first hack! (Python is so cool)

This mod to PageComment2.py block spammers at the Apache .htaccess
file. The page stops writing and displays no comments. Subsequent POST
operations are redirected to an ugly offsite error page. No logging is
done in Moin, but the .htaccess file acts as a log.
NOTE: Excessively long rewrite lists can slow down your server. Trim
the list from the bottom periodically.

Starting at line 255:

if not missingfields:
    # check input
    import os, fileinput
    badWords=['preteen', ...etc]
    for badWord in badWords:
        if comtext.find(badWord)!=-1:
            for line in
fileinput.input('/Library/WebServer/WikiFarm/.htaccess', inplace=1): #
OSX path
                print line[:-1]
                if line.startswith("RewriteCond %{REQUEST_METHOD} POST"):
                    print "RewriteCond %%{REMOTE_ADDR} ^%s [OR]" %
os.environ.get('REMOTE_ADDR').replace(".", "\.")
            return ""


To set this up, your .htaccess file needs to be redirecting. Use text like this:

# Block page vandals
# Addresses are written by script
/Library/WebServer/WikiFarm/plugin/macro/PageComment2.py line 269
RewriteCond %{REQUEST_METHOD} POST
RewriteCond %{REMOTE_ADDR} ^222
RewriteRule .* http://etc.Gnarlodious.com/Support_Files/BlockedAddress.htm [L]

IP addresses to be blocked will be written after the line
RewriteCond %{REQUEST_METHOD} POST

The great thing about this method is that they can't experiment for
which words need to be erased since their IP address is blocked from
saving any files. My battle with these spammers has taught me that it
is a virus that turns an infected computer into a proxy for this spam.
There is probably a better way to block using CAPTCHA but its not
working for me. I think the PageComment2 macro is a little old for
this spam offensive I am warding off.

-- Gnarlie

------------------------------------------------------------------------------
Let Crystal Reports handle the reporting - Free Crystal Reports 2008 30-Day 
trial. Simplify your report design, integration and deployment - and focus on 
what you do best, core application coding. Discover what's new with 
Crystal Reports now.  http://p.sf.net/sfu/bobj-july
_______________________________________________
Moin-user mailing list
Moin-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/moin-user

Reply via email to