MXimize by Carlos Gallupa, thoughts about and experiments with coldfusion, css, sql, components and javascript

Fighting comment spam with project honeypot

For a project that i am working on at the moment I needed some commentspam protection. Project Honeypot is an project (really?!!) that collects IP addresses of harvesters, spammers and other people/computers you don't want on your website.

You can register with them and use the code below to protect your comments with there Reverse DNS tools. The function returns the threat value, type value and how many days ago the IP address was recognized as a spammer/harvester. Based on those return values you can for yourself create a system that blocks the IP address.

I give back an 404 page to all IP addresses with a type of 4 and more. See code below.


<!--- Check Project HoneyPot --->
<cfinvoke returnvariable="stCheck" method="honeypotcheck" component="cfc.dns">
 <cfinvokeargument name="ip" value="#cgi.remote_host#" />
</cfinvoke>

<!--- Don't display the personal information --->
<cfif isDefined("stCheck") AND (stCheck.type GTE 4 AND stCheck.type LTE 7)>
  <!--- Send 404 message --->
  <cfheader statuscode="404" statustext="Not Found">
  404 Not Found
  <cfabort>
</cfif>


Below the code of the component i've written. Just copy paste and it should work just fine.


<cfcomponent displayname="DNS functions">

 <cffunction name="gethostaddress" returntype="string">
  <cfargument name="host" required="Yes" type="string" />
  <cfset var obj = "">

  <!--- Init class --->
  <cfset obj = CreateObject("java", "java.net.InetAddress")>
  
  <!--- Return result --->
  <cfreturn obj.getByName(host).getHostAddress()>
 </cffunction>
 

 <cffunction name="reverseip" returntype="string">
  <cfargument name="ip" required="Yes" type="string" />
  <cfset var aIp = listToArray(arguments.ip,".")>
  
  <!--- Return IP reversed --->
  <cfreturn aIp[4] & "." & aIp[3] & "." & aIp[2] & "." & aIp[1]>
 </cffunction>


 <cffunction name="honeypotcheck" returntype="struct" hint="Check Project HoneyPot http:BL">
  <cfargument name="ip" required="yes" type="string">
  <cfset var aVal = "">
  <cfset var hpkey = "-- your honepot key --">
  <cfset var stRet = structNew()>

  <!--- Get the different IP values --->
  <cfset aVal = listToArray(gethostaddress("#hpkey#.#reverseip(arguments.ip)#.dnsbl.httpbl.org"),".")>
  
  <!--- Set the return values --->
  <cfset stRet.days = aVal[2]>
  <cfset stRet.threat = aVal[3]>
  <cfset stRet.type = aVal[4]>
  
  <!--- Get the HP info message --->
  <cfswitch expression="#aVal[4]#">
   <cfcase value="0">
    <cfset stRet.message = "Search Engine (0)">
   </cfcase>
   <cfcase value="1">
    <cfset stRet.message = "Suspicious (1)">
   </cfcase>
   <cfcase value="2">
    <cfset stRet.message = "Harvester (2)">
   </cfcase>
   <cfcase value="3">
    <cfset stRet.message = "Suspicious & Harvester (1+2)">
   </cfcase>
   <cfcase value="4">
    <cfset stRet.message = "Comment Spammer (4)">
   </cfcase>
   <cfcase value="5">
    <cfset stRet.message = "Suspicious & Comment Spammer (1+4)">
   </cfcase>
   <cfcase value="6">
    <cfset stRet.message = "Harvester & Comment Spammer (2+4)">
   </cfcase>
   <cfcase value="7">
    <cfset stRet.message = "Suspicious & Harvester & Comment Spammer (1+2+4)">
   </cfcase>
   <cfdefaultcase>
    <cfset stRet.message = "IP-Address not known">
   </cfdefaultcase>
  </cfswitch> 
  
  <cfreturn stRet>
 </cffunction>
</cfcomponent>


19226 viewed | 10 opinion(s)  | del.icio.us | Digg it | Tjarko @ 07/06/07 12:38 cet