Every so often someone tries to post spam to this blog using a computer program. They never manage to because even if their computer does solve the captcha I manually approve every post. It’s not like there are a lot of posts here after all.
Anyway, I’ve been meaning for a long time to work out how to ban them from accessing web pages anywhere on my server. I always knew it wasn’t difficult, just a case of reading, testing, then making a note for the future. For future me, here’s how:
iptables is already installed and running
as the root user, running:
iptables -I INPUT -s 1.2.3.4 -j DROP
where 1.2.3.4 is the IP address to block, will block the user. If it becomes an issue, I can also block ranges and subnets and things… perhaps I’ll block the whole of China which is where most of the spam attempts seem to come from but that’s not very nice to 99% of the Chinese people, one of whom may want to find out what an English red mushroom with white spots looks like.
To check the rule has been included:
iptables -L -n
the -L tells iptables to list all the current rules it’s working with
the -n tells iptables NOT to try and work out the hosts name using DNS. Whilst my own office IP will resolve quickly, spammers generally don’t bother to setup reverse DNS and the list will take ages to display.
Another thing, I *think* I set up iptables to save it’s configuration when the server is shutdown and reload it when it starts. It certainly remembers the important rules I setup a couple of years ago. However, I’m not really worried if it forgets these IP blocks as I don’t have to do it very often.
While I’m here, I haven’t blogged at all lately. I’ve been very busy working on our new business web site (which will be at www.rkbb.co.uk sometime very soon). I thought it would only take 2 weeks over christmas to do but it’s turned out to be harder and more complicated. It’s been fun though, so not long and I’ll be able to write about thinks like the arduino based water flow meter I built for work (that was tough and fun too!)