The night before last, my blog was attacked with spam message ads.
That evening I had just gone off to play games for 2 hours when someone used a program to flood my blog with hundreds of spam message ads. I then found that my current anti-spam system has loopholes: the advertiser first used the program to forge the referer, and then put only one link in each message, which bypassed the filter I had set up and let them send a large amount of spam.
So there is a problem with my current anti-spam program. I spent a night recoding it and added an automatic IP-banning function: if the messages from one IP address within half an hour contain more than 10 hyperlinks in total, the sender is judged to be a spammer and the system automatically bans that IP address, preventing it from sending further messages.
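The half-hour rule described above, sketched in Python as an added example (this is not the Z-blog plugin's code). The class and function names, the URL-matching heuristic and the sample traffic are assumptions made for illustration.

```python
import re
from collections import defaultdict, deque

WINDOW_SECONDS = 30 * 60          # "within half an hour"
MAX_LINKS = 10                    # more than 10 hyperlinks => ban
URL_RE = re.compile(r"https?://[^\s\"'<>]+", re.IGNORECASE)  # assumed link heuristic


class LinkRateBanner:
    """Hypothetical helper: bans an IP by cumulative link count, not per message."""

    def __init__(self):
        self.history = defaultdict(deque)   # ip -> (timestamp, links) per message
        self.banned = set()

    def accept(self, ip, body, now):
        """Return True if the message may be posted, False if the IP is banned."""
        if ip in self.banned:
            return False
        events = self.history[ip]
        while events and now - events[0][0] >= WINDOW_SECONDS:
            events.popleft()                # forget messages older than the window
        events.append((now, len(URL_RE.findall(body))))
        if sum(links for _, links in events) > MAX_LINKS:
            self.banned.add(ip)             # assumption: the triggering message is rejected too
            del self.history[ip]
            return False
        return True


def replay(messages):
    """Run (ip, body, timestamp) tuples through a fresh banner."""
    banner = LinkRateBanner()
    return [banner.accept(*m) for m in messages], banner.banned


# Constructed sample traffic (documentation IP ranges, timestamps in seconds).
# One link per message every minute: each message passes a per-message filter.
SPAM = [("203.0.113.7", "cheap pills http://spam.example/%d" % i, i * 60)
        for i in range(12)]
# A regular commenter posting one link every ten minutes.
SLOW = [("198.51.100.20", "see http://blog.example/post", i * 600)
        for i in range(20)]

if __name__ == "__main__":
    print(replay(SPAM))
    print(replay(SLOW))
```

Because the count is kept per IP across messages, the one-link-per-message flood is cut off at its eleventh message, while the slow commenter never has more than three links inside any window.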
Now let's see whether the current anti-spam system works better. If not, I will have to turn on the verification code, although I personally feel that a verification code degrades the user experience. This anti-spam plug-in is based on the original Z-blog 1.5 system; if you are also using Z-blog 1.5, you can download and use it. It should also work on the 1.6 beta, but I have not tested that.
Click here to download: Z-blog anti-spam advertising plugin.
In addition, for spam references (trackbacks), I have thought of a new countermeasure: when the system receives a reference, it first fetches the content of that address. If the page contains a link to this site, it is a normal reference; otherwise it is a spam reference.
Finally, about image hotlinking: I cannot put up with it any longer. Adding a watermark has had basically no effect; after all this time, hotlinking has not decreased. It takes up too much traffic and system resources, 10G of traffic every day, and seriously affects normal visitors to my blog. So I have had to enable Isapi_rewrite, the final killer, to prevent hotlinking. For now I allow Bloglines, Zhuaxia, Google and Baidu to reference images on my site; if you also need to reference my images, please tell me your domain name and I can open it up after review.
The content of Isapi_rewrite's Httpd.ini is given below; if you are also troubled by hotlinking, you can use it as a reference:
RewriteCond Host: (.+)
RewriteCond Referer: (?!http://(?:www\.williamlong\.info|www\.moon-blog\.com|www\.bloglines\.com|www\.zhuaxia\.com|www\.google\.com|cache\.baidu\.com)).+
RewriteRule .*\.(?:jpg|kmz|kml|zip) /block.gif [I,O]
Note: The second line lists the domains that are allowed to link to images on this site. Currently I allow my own two sites plus four others, Bloglines, Zhuaxia, Google and Baidu, to reference files on my site; all other sites are blocked.
The third line lists the file types that may not be hotlinked: JPG pictures, Google Earth's KMZ and KML, and ZIP files. Other types, such as GIF or RAR, can of course be added as well; my site does not host those files, so I did not add them.
Update: In the evening I looked at the IIS log: the picture directory's usage dropped to 1.5G, and in one day Isapi_rewrite blocked 34,000 hotlinking requests. A really good result.