HOME  → POSTS  → 2004

Blocking Spambots

Projects and Code231 words2 minutes to read

I’ve been using a PHP script called “Blocker” to block unwanted visitors to my website for several months now. It started out as a way to block refer spam from my refer list, and has grown to a full-fledged blocker of IP’s, Hostnames, Referrers, and User Agents.

About once a month, I go through my raw access logs and check to see who’s been visiting me (and who I need to block from visiting me again). This morning, I’ve added several new spambots to the list of things to block. If you’re using Blocker already, go to my downloads page and download the latest update. If you’re not using it yet, I suggest you begin to, as it’s helped me in the fight against website spam tremendously. This update has no functional changes, only blocking additions.

If you’ve manually added things you want to block in your copy of Blocker, you’ll have to manually add them to the new version. If you’re blocking spambots, referrers, etc. that are not on my list, email them to me for inclusion in the next release.

Two Bots that I’ve been getting pounded by are the “Turntin” bot and the “Microsoft URL Control” bot. Two weeks ago, Turntin nailed me over 220 times in 48 hours. Microsoft URL Control nailed me about 70 times last night. Both were blocked already before they hit me. Whew!

Ryan Parman

is an engineering manager with over 20 years of experience across software development, site reliability engineering, and security. He is the creator of SimplePie and AWS SDK for PHP, patented multifactor-authentication-as-a-service at WePay, defined much of the CI/CD and SRE disciplines at McGraw-Hill Education, and came up with the idea of “serverless, event-driven, responsive functions in the cloud” while at Amazon Web Services in 2010. Ryan's aptly-named blog, , is where he writes about ideas longer than . Ambivert. Curious. Not a coffee drinker.