Home Links
Home Page Trap for a spam - bot We work with files on PHP DDOS-attacks and methods of struggle against them PHP supports realization of the mechanism of sending of headings HTTP. Date in Russian Choice from a DB in the casual order on PHP Autentifikacija users through the Web - interface Business on podkastakh - already a reality What is PageRank Google'b and how to receive it on a maximum How to struggle with magic_quotes_gpc Heading If-Modified-Since if PHP it is not established as a fashion Php blocking Soft increase IC and PR PHP and DNS. Check of the post address How to break search about pages (a paginal conclusion of the data)? Helps on job in system Google Adsense. Bases of technology AJaX Instruction beginning{starting} khosteram on zatykaniju dyrok in PHP

topic

Trap for a spam - bot

Many spams - bots to hide the real names (names) which are easy for tracing on recording user_agent, change this recording, changing her  to recordings of different browsers (for example: " mozilla/4.0 (compatible; msie 5.5; windows nt 5.0) " and so on). Also these bots ignore standards of recordings for a file robots.txt (you can read the description of the standard here http://www.robotstxt.org/wc/exclusion.html)


It is possible to go, certainly, by recording the necessary instructions to a file robots.txt, and it is possible and to undertake other way which we shall describe below.


Method ¹1


We use a special directory/bot-trap:

1. Create a subdirectory/bot-trap (can use any other name)

2. Make such recording in a file robots.txt:


user-agent: *

disallow:/bot-trap/


3. Insert the invisible link (it piksel the size 1kh1) right at the beginning of entrance page of a site:



Now it is possible to wait and look through a broad gully of the server to see who has passed under this link.

The person will not see this link, therefore cannot proceed{pass} on her, and search engines cope the directives which have been written down in fale robots.txt, therefore never will visit a directory/bot-trap.


4. In the directory created by us we shall place/bot-trap/index.php. With the help of this script we shall automatically save all ip addresses in a file blacklist.dat.

For the beginning create an empty file ../blacklist.dat and make his  accessible to reading and recording on the server.


* In the text of a script change some values



<? php

if (phpversion ()> = " 4.2.0") {

extract ($ _server);

}

?>

<html>

<head> <title> </title> </head>

<body>

<p> Here there is nothing to look. So you here do{make}? </p>

<p> <a href = " http: // your.domain.ru / "> to return back </a> </p>

<? php

$badbot = 0;

/* We touch all recordings a file blacklist.dat to not admit{allow} zadvoennosti given  */

$filename = "../blacklist.dat";

$fp = fopen ($filename, "r") or die (" the Mistake of opening of a file... <br> n ");

while ($line = fgets ($fp, 255)) {

$u = explode (" ", $line);

if (ereg ($u [0], $remote_addr)) {$badbot ++;}

}

fclose ($fp);

if ($badbot == 0) {

/* We send the information to the web designer */

$tmestamp = time ();

$datum = date (" y-m-d (d) h:i:s ", $tmestamp);

$from = "badbot-watch@domain.ru";

$to = "hostmaster@domain.ru";

$subject = " Attention! On a site the spam - bot came! ";

$msg = " the Bot has come with $request_uri $datum n ";

$msg. = " $remote_addr address, the agent $http_user_agentn ";

mail ($to, $subject, $msg, " from: $from ");

/* We add recording in a broad gully - file blacklist.dat */

$fp = fopen ($filename, ' a + ');

fwrite ($fp, " $remote_addr - - [$datum] " $request_method $request_uri $server_protocol " $http_referer $http_user_agentn ");

fclose ($fp);

}

?>

</body>

</html>


5. To exclude repeated call of a spam - bot on stranicvy a site, before a conclusion page of a site contents of a file blacklist.dat are necessary to check any:



<? php include ($ _server ['document_root.'] "/blacklist.php ");?>


It is the text of a script blacklist.php which needs to be connected to all pages of your site:



<? php

if (phpversion ()> = " 4.2.0") {

extract ($ _server);

}

$badbot = 0;

/* We touch all recordings a file blacklist.dat */

$filename = "../blacklist.dat";

$fp = fopen ($filename, "r") or die (" the Mistake of opening of a file... <br> n ");

while ($line = fgets ($fp, 255)) {

$u = explode (" ", $line);

if (ereg ($u [0], $remote_addr)) {$badbot ++;}

}

fclose ($fp);

if ($badbot> 0) {/* it is a spam - bot, we forbid an input{entrance} on a site */

sleep (12);

print (" <html> <head> n ");

print (" <title> the Site is inaccessible. </title> n ");

print (" </head> <body> n ");

print (" <center> <h1> Welcome! </h1> </center> n ");

print (" <p> <center> This site is temporarily inaccessible... </center> </p> n ");

print (" <p> <center> If you consider, what is it a mistake, send the letter to the owner of a site. </center> </p> n ");

print (" </body> </html> n ");

exit;

}

?>


Method ¹2


Other method does not use php and also forbids access of spams - bots to your site. He consists in use of a file .htaccess.


Example of recording:


setenvifnocase user-agent " indy library " bad_bot

setenvifnocase user-agent " internet explore 5.x " bad_bot

setenvif remote_addr " 195.154.174. [0-9] + " bad_bot

setenvif remote_addr " 211.101.[0-9] + " bad_bot

order allow, deny

allow from all

deny from env=bad_bot


We hope, what is it will help you to get rid (even in part) of larceny of e-mail addresses from pages of your site