最近コメントスパム対策していてわかった事。

ホーメル スパム レギュラーN 340g

ホーメル スパム レギュラーN 340g

最近コメントスパム対策して思うことなのですが、下の様に、apacheの設定/etc/httpd/conf/httpd.confに直接denyするIPアドレス範囲をCIDRでまるごとBANしてます。(.htaccessでも同様)

IPアドレス単位で拒否しても間に合わないからです。そういう意味ではWordPressのIPアドレス単位でスパム投稿を拒否するSpammer Blockerは設置していますが、あまり効果がありません。

また、最近は凄くマイナーな国のIPからスパムが投稿されてきます。拒否すれば拒否するほど、どんどんマイナーになっていきます。最初はオーソドックスな中国、南米、ロシアあたりなのですが、ルーマニア、スウェーデン王国、オランダとか、アフリカの小国あたりから来たりします。(もっとマイナーなところがあったけど思い出せないw)

どうも、denyでステータスが403で拒否されているとわかると他のIPを使って投稿しようとする機能がスパムソフトウェアにあるのではないかと思っています。

そういうわけで、コードを403を返さないようにして200を返して受け取ったふりをしたほうが良さそうに最近思っています。暇な時にでもやってみます。それでスパムがなくなれば万々歳ですし。

そういえば、そういう風に受け取ったふりをするっていう話を何処かで見たような気もするし。

IPアドレスツールズ

#============================================================
#
# SPAM IP Address Block
#
#============================================================
<Location ~ "/(trackback|wp-trackback\.php|wp-comments-post\.php|wp-cron\.php|mt-kiss-mint\.cgi|mt-comments\.cgi|mt-tb\.cgi)$">
order allow,deny
allow from all

SetEnv nolog
deny from 184.154.0.0/16
deny from 184.22.0.0/16
deny from 31.184.192.0/18
deny from 130.185.152.0/21
deny from 85.185.0.0/16
deny from 74.221.208.0/20
deny from 91.218.112.0/22

deny from 199.119.224.0/22
deny from 198.167.136.0/21

deny from 113.212.64.0/19
deny from 5.164.0.0/14
deny from 142.4.192.0/19
deny from 213.238.128.0/18
deny from 88.118.0.0/15

deny from 173.213.64.0/18
deny from 108.178.0.0/18
deny from 178.19.96.0/20
deny from 221.232.0.0/14
deny from 91.207.4.0/22
deny from 95.154.192.0/18
deny from 192.95.0.0/18
deny from 58.48.0.0/13
deny from 2.92.0.0/14
deny from 172.240.0.0/15
deny from 199.231.208.0/21
deny from 180.180.0.0/16
deny from 157.181.0.0/16
deny from 209.107.192.0/19
deny from 5.158.232.0/21
deny from 93.80.0.0/15
deny from 204.12.192.0/18
deny from 183.171.0.0/16
deny from 23.88.0.0/15
deny from 84.10.0.0/16
deny from 91.210.100.0/22
deny from 72.46.128.0/19
deny from 5.135.0.0/16
deny from 5.248.0.0/16
deny from 91.121.0.0/16
deny from 93.95.152.0/21
deny from 94.153.0.0/16
deny from 199.115.228.0/22
deny from 216.155.128.0/19
deny from 222.83.0.0/17

deny from 1.160.0.0/12
deny from 1.52.0.0/14
deny from 103.27.248.0/22
deny from 106.192.0.0/11
deny from 108.163.192.0/18
deny from 110.168.0.0/14
deny from 110.240.0.0/12
deny from 110.80.0.0/13
deny from 110.88.0.0/14
deny from 111.0.0.0/10
deny from 111.120.0.0/14
deny from 111.128.0.0/11
deny from 111.172.0.0/14
deny from 111.176.0.0/13
deny from 111.72.0.0/13
deny from 112.0.0.0/10
deny from 112.100.0.0/14
deny from 112.111.0.0/16
deny from 112.64.0.0/15
deny from 112.88.0.0/13
deny from 113.160.0.0/11
deny from 113.204.0.0/14
deny from 113.64.0.0/11
deny from 113.96.0.0/12
deny from 114.224.0.0/12
deny from 114.24.0.0/14
deny from 114.240.0.0/12
deny from 116.16.0.0/12
deny from 117.192.0.0/10
deny from 117.21.0.0/16
deny from 117.24.0.0/13
deny from 117.40.0.0/14
deny from 118.120.0.0/14
deny from 118.91.176.0/20
deny from 118.96.0.0/15
deny from 119.161.128.0/17
deny from 119.162.0.0/15
deny from 119.232.0.0/15
deny from 120.128.0.0/14
deny from 120.192.0.0/10
deny from 120.32.0.0/13
deny from 120.40.0.0/14
deny from 121.204.0.0/14
deny from 121.60.0.0/14
deny from 122.204.0.0/14
deny from 123.168.0.0/14
deny from 123.188.0.0/14
deny from 123.232.0.0/14
deny from 124.117.0.0/16
deny from 124.200.0.0/13
deny from 124.234.0.0/15
deny from 124.90.0.0/15
deny from 128.68.0.0/14
deny from 134.249.0.0/16
deny from 14.140.0.0/14
deny from 142.54.160.0/19
deny from 146.0.72.0/21
deny from 157.54.0.0/15
deny from 163.125.0.0/16
deny from 173.220.0.0/16
deny from 173.44.32.0/19
deny from 174.139.0.0/16
deny from 175.148.0.0/14
deny from 175.42.0.0/15
deny from 175.44.0.0/16
deny from 176.212.0.0/14
deny from 176.8.0.0/16
deny from 177.0.0.0/14
deny from 178.137.0.0/16
deny from 178.32.0.0/15
deny from 178.54.0.0/17
deny from 180.176.0.0/15
deny from 180.96.0.0/11
deny from 182.176.0.0/12
deny from 182.88.0.0/14
deny from 183.0.0.0/10
deny from 183.64.0.0/13
deny from 183.88.0.0/15
deny from 188.143.128.0/17
deny from 188.186.0.0/15
deny from 188.237.0.0/16
deny from 190.36.0.0/14
deny from 190.77.0.0/16
deny from 192.151.144.0/20
deny from 192.157.192.0/18
deny from 192.187.96.0/19
deny from 192.227.128.0/17
deny from 193.108.248.0/22
deny from 195.191.104.0/23
deny from 198.200.32.0/19
deny from 198.204.224.0/19
deny from 198.245.48.0/20
deny from 198.27.64.0/18
deny from 198.50.128.0/17
deny from 198.56.128.0/17
deny from 199.15.232.0/21
deny from 199.193.64.0/21
deny from 199.30.48.0/21
deny from 201.208.0.0/14
deny from 202.109.0.0/16
deny from 202.28.64.0/18
deny from 202.46.0.0/20
deny from 203.204.128.0/17
deny from 208.115.192.0/18
deny from 210.242.0.0/15
deny from 211.140.0.0/15
deny from 212.175.0.0/16
deny from 212.179.128.0/17
deny from 216.228.0.0/19
deny from 216.99.144.0/20
deny from 217.195.192.0/20
deny from 218.108.0.0/16
deny from 218.194.0.0/16
deny from 218.24.0.0/15
deny from 219.128.0.0/12
deny from 220.136.0.0/13
deny from 220.160.0.0/11
deny from 220.232.128.0/17
deny from 221.0.0.0/15
deny from 221.176.0.0/13
deny from 221.196.0.0/15
deny from 221.212.0.0/16
deny from 222.132.0.0/14
deny from 222.218.0.0/16
deny from 222.76.0.0/14
deny from 223.240.0.0/13
deny from 223.64.0.0/11
deny from 23.238.128.0/17
deny from 23.244.0.0/15
deny from 27.148.0.0/14
deny from 27.152.0.0/13
deny from 27.40.0.0/13
deny from 31.41.216.0/21
deny from 36.248.0.0/14
deny from 37.112.0.0/15
deny from 37.115.0.0/16
deny from 37.59.0.0/16
deny from 38.0.0.0/8
deny from 41.75.80.0/20
deny from 42.224.0.0/12
deny from 46.118.0.0/15
deny from 46.161.0.0/18
deny from 46.20.144.0/20
deny from 49.64.0.0/11
deny from 5.102.72.0/21
deny from 5.254.0.0/17
deny from 5.39.0.0/17
deny from 50.128.0.0/9
deny from 58.20.0.0/16
deny from 58.22.0.0/15
deny from 58.248.0.0/13
deny from 58.60.0.0/14
deny from 59.102.128.0/17
deny from 59.112.0.0/13
deny from 59.56.0.0/14
deny from 59.60.0.0/15
deny from 60.164.0.0/15
deny from 60.208.0.0/13
deny from 60.28.0.0/15
deny from 61.154.0.0/15
deny from 61.19.0.0/18
deny from 61.93.0.0/16
deny from 63.141.224.0/19
deny from 66.117.0.0/20
deny from 66.249.64.0/19
deny from 69.26.160.0/19
deny from 74.91.16.0/20
deny from 77.124.0.0/14
deny from 78.106.0.0/15
deny from 80.82.64.0/20
deny from 82.137.192.0/18
deny from 84.24.0.0/13
deny from 89.138.0.0/15
deny from 89.248.160.0/20
deny from 91.198.118.0/24
deny from 91.200.12.0/22
deny from 93.112.0.0/13
deny from 93.174.88.0/21
deny from 94.102.48.0/20
deny from 94.233.0.0/16
deny from 95.170.192.0/19
deny from 95.24.0.0/13
deny from 96.47.224.0/20
deny from 198.50.128.0/17

deny from 89.169.0.0/16
deny from 109.175.0.0/17
deny from 37.187.0.0/16
deny from 95.104.0.0/17
deny from 5.135.0.0/16
deny from 41.160.0.0/12
deny from 149.154.152.0/21
deny from 89.165.0.0/17
deny from 192.99.0.0/16

deny from 5.135.0.0/16
deny from 5.153.232.0/21
deny from 5.144.176.0/21
deny from 8.0.0.0/8
deny from 14.16.0.0/12
deny from 14.32.0.0/11
deny from 23.19.0.0/16
deny from 23.90.0.0/18
deny from 23.94.0.0/15
deny from 23.104.0.0/13
deny from 24.0.0.0/12
deny from 27.152.0.0/13
deny from 31.204.128.0/19
deny from 37.29.0.0/17
deny from 37.72.184.0/21
deny from 37.203.208.0/21
deny from 46.29.248.0/21
deny from 46.164.128.0/18
deny from 46.183.176.0/21
deny from 49.213.16.0/20
deny from 50.2.0.0/15
deny from 50.115.160.0/20
deny from 59.120.0.0/14
deny from 60.166.0.0/15
deny from 60.168.0.0/13
deny from 61.153.0.0/16
deny from 61.167.0.0/16
deny from 61.190.0.0/15
deny from 62.4.0.0/19
deny from 65.255.64.0/19
deny from 68.224.0.0/13
deny from 69.26.160.0/19
deny from 69.174.0.0/17
deny from 69.175.0.0/17
deny from 70.80.0.0/14
deny from 78.129.128.0/17
deny from 80.108.0.0/15
deny from 81.4.64.0/18
deny from 81.94.224.0/20
deny from 82.158.0.0/15
deny from 87.68.0.0/14
deny from 87.98.128.0/17
deny from 87.206.0.0/15
deny from 88.64.0.0/12
deny from 89.189.128.0/19
deny from 91.232.96.0/23
deny from 92.245.160.0/19
deny from 94.19.0.0/16
deny from 94.23.0.0/16
deny from 94.242.192.0/18
deny from 95.37.0.0/16
deny from 95.78.0.0/15
deny from 95.105.0.0/17
deny from 96.127.128.0/18
deny from 98.192.0.0/10
deny from 107.158.0.0/16
deny from 108.62.0.0/16
deny from 108.170.0.0/18
deny from 108.174.48.0/20
deny from 109.194.0.0/15
deny from 110.80.0.0/13
deny from 111.160.0.0/13
deny from 112.124.0.0/14
deny from 113.212.64.0/19
deny from 115.28.0.0/15
deny from 115.132.0.0/14
deny from 117.59.0.0/16
deny from 121.8.0.0/13
deny from 122.224.0.0/12
deny from 123.8.0.0/13
deny from 123.150.0.0/15
deny from 128.72.0.0/14
deny from 134.210.0.0/16
deny from 139.0.0.0/16
deny from 142.22.0.0/16
deny from 142.91.0.0/16
deny from 171.116.0.0/14
deny from 172.245.0.0/16
deny from 173.0.48.0/20
deny from 173.208.128.0/17
deny from 173.236.0.0/17
deny from 176.61.136.0/21
deny from 178.150.0.0/15
deny from 178.161.128.0/17
deny from 180.248.0.0/14
deny from 184.95.32.0/19
deny from 185.38.248.0/22
deny from 188.64.168.0/21
deny from 188.92.72.0/21
deny from 188.232.0.0/14
deny from 188.240.0.0/15
deny from 190.94.0.0/19
deny from 190.200.0.0/13
deny from 190.248.0.0/15
deny from 191.232.0.0/14
deny from 192.3.0.0/16
deny from 192.82.248.0/21
deny from 192.208.176.0/20
deny from 192.252.208.0/20
deny from 193.67.0.0/16
deny from 193.105.210.0/24
deny from 193.160.224.0/22
deny from 195.78.108.0/23
deny from 196.196.0.0/16
deny from 197.249.0.0/16
deny from 198.100.24.0/21
deny from 198.100.144.0/20
deny from 198.143.128.0/18
deny from 198.144.96.0/19
deny from 198.154.60.0/22
deny from 199.180.128.0/21
deny from 199.195.248.0/21
deny from 202.98.0.0/21
deny from 202.171.252.0/22
deny from 204.45.0.0/16
deny from 208.89.208.0/21
deny from 208.100.0.0/18
deny from 209.141.32.0/19
deny from 216.151.128.0/19
deny from 216.152.240.0/20
deny from 216.189.0.0/17
deny from 218.28.0.0/15
deny from 218.56.0.0/14
deny from 219.150.128.0/17
deny from 220.248.0.0/14
deny from 222.136.0.0/13

UnsetEnv nolog
</Location>

タグ : , ,