Blocking Spambots

Projects and Code231 words2 minutes to read

I’ve been using a PHP script called “Blocker” to block unwanted visitors to my website for several months now. It started out as a way to block refer spam from my refer list, and has grown to a full-fledged blocker of IP’s, Hostnames, Referrers, and User Agents.

About once a month, I go through my raw access logs and check to see who’s been visiting me (and who I need to block from visiting me again). This morning, I’ve added several new spambots to the list of things to block. If you’re using Blocker already, go to my downloads page and download the latest update. If you’re not using it yet, I suggest you begin to, as it’s helped me in the fight against website spam tremendously. This update has no functional changes, only blocking additions.

If you’ve manually added things you want to block in your copy of Blocker, you’ll have to manually add them to the new version. If you’re blocking spambots, referrers, etc. that are not on my list, email them to me for inclusion in the next release.

Two Bots that I’ve been getting pounded by are the “Turntin” bot and the “Microsoft URL Control” bot. Two weeks ago, Turntin nailed me over 220 times in 48 hours. Microsoft URL Control nailed me about 70 times last night. Both were blocked already before they hit me. Whew!

Ryan Parman

Ryan Parman is an experienced Software/DevOps/Security engineer, currently living in Seattle. He is the creator of and , patented multifactor-authentication-as-a-service at , and came up with the idea of “serverless, event-driven, responsive functions in the cloud” while at AWS in 2010. Ryan's aptly-named blog, , is where he writes about ideas longer than . Ambivert. Curious. Not a coffee drinker.