Subsribe to our RSS

latest reactions

christian louboutin shoes
With that kind of traffic you want to ad …Rahul Anand
Thanks for the nice post. It works for m …Serkan
thx a lot! …msb
Thanks for above solution.There is ano …Lori S.
FYI, I was using this successfully in CF …

Use OpenDNS

mxna feeds

cfmailparam behaviour change in CF9.01ColdFusion Job Opportunity in Houston, TXFacial Recognition in 14 Lines Of ColdFusionColdFusion UPS PackageColdFusion Job Opportunity in Arlington, VAColdFusion Job Opportunity in San Diego, CASome ColdFusionBloggers.org GuidelinesColdFusion Positions In CaliforniaListChangeDelimsunix epoch with coldfusionQuery scripting bug in Coldfusion 9Scoth On The Rock 2011 Tickets on salefoursquareCFC updated to version 1.0, now includes ColdFusion return typeFramework One Birds of a Feather session at CFUnitedWhat makes you a good ColdFusion programmer?

All files are strictly confidential: all information is classified.
© Copyright 2002 - 2010 mximize.com.
All right reserved.

MXNA webfeed

Visit Carlos Gallupa

Fighting comment spam with project honeypot

For a project that i am working on at the moment I needed some commentspam protection. Project Honeypot is an project (really?!!) that collects IP addresses of harvesters, spammers and other people/computers you don't want on your website.

You can register with them and use the code below to protect your comments with there Reverse DNS tools. The function returns the threat value, type value and how many days ago the IP address was recognized as a spammer/harvester. Based on those return values you can for yourself create a system that blocks the IP address.

I give back an 404 page to all IP addresses with a type of 4 and more. See code below.


<!--- Check Project HoneyPot --->
<cfinvoke returnvariable="stCheck" method="honeypotcheck" component="cfc.dns">
 <cfinvokeargument name="ip" value="#cgi.remote_host#" />
</cfinvoke>

<!--- Don't display the personal information --->
<cfif isDefined("stCheck") AND (stCheck.type GTE 4 AND stCheck.type LTE 7)>
  <!--- Send 404 message --->
  <cfheader statuscode="404" statustext="Not Found">
  404 Not Found
  <cfabort>
</cfif>


Below the code of the component i've written. Just copy paste and it should work just fine.


<cfcomponent displayname="DNS functions">

 <cffunction name="gethostaddress" returntype="string">
  <cfargument name="host" required="Yes" type="string" />
  <cfset var obj = "">

  <!--- Init class --->
  <cfset obj = CreateObject("java", "java.net.InetAddress")>
  
  <!--- Return result --->
  <cfreturn obj.getByName(host).getHostAddress()>
 </cffunction>
 

 <cffunction name="reverseip" returntype="string">
  <cfargument name="ip" required="Yes" type="string" />
  <cfset var aIp = listToArray(arguments.ip,".")>
  
  <!--- Return IP reversed --->
  <cfreturn aIp[4] & "." & aIp[3] & "." & aIp[2] & "." & aIp[1]>
 </cffunction>


 <cffunction name="honeypotcheck" returntype="struct" hint="Check Project HoneyPot http:BL">
  <cfargument name="ip" required="yes" type="string">
  <cfset var aVal = "">
  <cfset var hpkey = "-- your honepot key --">
  <cfset var stRet = structNew()>

  <!--- Get the different IP values --->
  <cfset aVal = listToArray(gethostaddress("#hpkey#.#reverseip(arguments.ip)#.dnsbl.httpbl.org"),".")>
  
  <!--- Set the return values --->
  <cfset stRet.days = aVal[2]>
  <cfset stRet.threat = aVal[3]>
  <cfset stRet.type = aVal[4]>
  
  <!--- Get the HP info message --->
  <cfswitch expression="#aVal[4]#">
   <cfcase value="0">
    <cfset stRet.message = "Search Engine (0)">
   </cfcase>
   <cfcase value="1">
    <cfset stRet.message = "Suspicious (1)">
   </cfcase>
   <cfcase value="2">
    <cfset stRet.message = "Harvester (2)">
   </cfcase>
   <cfcase value="3">
    <cfset stRet.message = "Suspicious & Harvester (1+2)">
   </cfcase>
   <cfcase value="4">
    <cfset stRet.message = "Comment Spammer (4)">
   </cfcase>
   <cfcase value="5">
    <cfset stRet.message = "Suspicious & Comment Spammer (1+4)">
   </cfcase>
   <cfcase value="6">
    <cfset stRet.message = "Harvester & Comment Spammer (2+4)">
   </cfcase>
   <cfcase value="7">
    <cfset stRet.message = "Suspicious & Harvester & Comment Spammer (1+2+4)">
   </cfcase>
   <cfdefaultcase>
    <cfset stRet.message = "IP-Address not known">
   </cfdefaultcase>
  </cfswitch> 
  
  <cfreturn stRet>
 </cffunction>
</cfcomponent>

20426 viewed | 6 opinion(s)  | del.icio.us | Digg it | Tjarko @ 07/06/07 12:38 cet


Reactions:

Holly Wild wrote.... (site)

Help me prevent spam Im a beginner web master what can I do?Code wise any suggesstion?

16 June 2007 19:16 cet  

Tjarko wrote....

Start by using a captcha or just a simple question asked as in this form (below). This will prevent most of your spam in an instance!!

17 June 2007 15:12 cet  

Micic wrote.... (site)

The best way to fight spam is to disable people entering html code in comments or in some other kind of posting elements such as forums or blogs.

21 June 2007 17:53 cet  

Tjarko wrote....

Unfortunately you will get tons of SPAM on a high volume site even with HTML disabled in your comments. A friend of mine has developed a blog tool and gets between all the installations on average 70.000 spam posts a day. And I'm talking about roughly 110 websites.

With that kind of traffic you want to add some more security to your comments form i'm afraid. Like a captcha or a simple question that need's to be filled in. like on this form.

21 June 2007 20:15 cet  

Dark wrote....

I saw more of this staff at http://loadingvault.com

10 May 2008 14:47 cet  

christian louboutin shoes wrote.... (site)

With that kind of traffic you want to add some more security to your comments form i'm afraid. Like a captcha or a simple question that need's to be filled in. like on this form.

14 July 2010 9:45 cet  

Leave your comment

Your name


Your url/website/link/email....


Some room for your reaction is placed here..



The answer to the ultimate question is?? (42 ;-))




URL en mail addresses are translated for you... life sometimes is that simple!!