- Blacklist Candidate Number 2008-04-27
- Welcome to the Perishable Press “Blacklist Candidate” series. In this post, we continue our new tradition of exposing, humiliating and banishing spammers, crackers and other worthless scumbags.. Since the implementation of my 2G Blacklist, I have enjoyed ...
- How to Block Proxy Servers via htaccess
- Not too long ago, a reader going by the name of bjarbj78 asked about how to block proxy servers from accessing her website. Apparently, bjarbj78 had taken the time to compile a proxy blacklist of over 9,000 domains, only to discover afterwards that the formulated htaccess blacklisting strategy didn’t work as expected: deny from proxydomain.com proxydomain2.com Blacklisting proxy servers by blocking individual domains seems like a futile exercise. Although there are ...
- WordPress Tip: Remove Spam from the Comment Subscription Manager
- After investigating some unusual 404 errors the other day, I found myself digging through the WordPress Admin trying to locate the “Subscribe to Comments” options panel. As it turns out, administrative options for the Subscribe to Comments plugin are split into two different areas. First, the ...
- Blacklist Candidate Number 2008-03-09
- Welcome to the Perishable Press “Blacklist Candidate” series. In this post, we continue our new tradition of exposing, humiliating and banishing spammers, crackers and other worthless scumbags.. Imagine, if you will, an overly caffeinated Bob Barker, hunched over his favorite laptop, feverishly scanning his server access files. Like some underpaid ...
- 2G Blacklist: Closing the Door on Malicious Attacks
- Since posting the Ultimate htaccess Blacklist and then the Ultimate htaccess Blacklist 2, I find myself dealing with a new breed of malicious attacks. It is no longer useful to simply block nefarious user agents because they are frequently faked. Likewise, ...
- Over 150 of the Worst Spammers, Scrapers and Crackers from 2007
- Over the course of each year, I blacklist a considerable number of individual IP addresses. Every day, Perishable Press is hit with countless numbers of spammers, scrapers, crackers and all sorts of other hapless turds. Weekly examinations ...
- Blacklist Candidate Number 2008-02-10
- Welcome to the Perishable Press “Blacklist Candidate” series. In this post, we continue our new tradition of exposing, humiliating and banishing spammers, crackers and other worthless scumbags.. Scumbag number 2008-02-10, “COME ON DOWN!!” — you’re the next baboon to get banished from the site! Like many bloggers, I ...
- First 30 Days without Bad Behavior
- Approximately 30 days ago, I completely uninstalled the Bad Behavior plugin from Perishable Press. As you may recall, many Bad Behavior users were unexpectedly locked out of their own sites and forced to either uninstall or upgrade in order to fix the problem. Of course, in my perpetual battle to optimize and ...
- Blacklist Candidate Number 2008-01-02
- Come one, come all — today we officially begin a new series of posts here at Perishable Press: the public exposure, humiliation, and banishment of spammers, crackers, and other site attackers. Kicking things off for 2008: blacklist candidate number 2008-01-02! Every Wednesday, I take a little time to investigate my ...
- News Phlash for Phishers: Grammar are Critical if You Want to Stealing from People
- “Oh no, not again!” It looks like another one of my non-existent bank accounts has been blocked at Bank of America. But that’s cool, because I like, totally graduated from third grade. Knowing best for all grammar and words in email. Let’s examine yet another idiotic phishing attempt, shall we? First, let’s have a look at the full-meal ...
- Ultimate htaccess Blacklist 2 (Compressed Version)
- [ Keywords: htaccess, rewrite, blacklist, block, deny, spam, spammers, scrapers, rippers ] In our original htaccess blacklist article, we provide an extensive list of bad user agents. This so-called “Ultimate htaccess Blacklist” works great at blocking many different online villains: spammers, scammers, scrapers, scrappers, rippers, leechers — you name it. Yet, despite its usefulness, there is always room for improvement. For example, as reader ...
- WordPress Spam Battle: 3 Seconds that will Save You Hours of Time
- In the hellish battle against spam, many WordPress users have adopted a highly effective trinity of anti-spam plugins: Akismet Bad Behavior Spam Karma This effective triage of free WordPress plugins has served many a WP-blogger well, eliminating virtually 99% of all automated comment-related spam. When spam first became a problem for me, I installed this triple-threat arsenal of anti-spam plugins and immediately enjoyed the results. Although Spam Karma seemed ...
- Black Market Diaper Spam
- Insanity reigns in the blogosphere! Check out this sweet little spam comment that found its way to my moderation queue.. Cloth Hello to all, its my new pages about cloth cloth diaper You can buy here 24\7. Yes indeed, “Cloth diaper”!! Come ...
- How to Block IP Addresses with PHP
- [ Keywords: block, deny, ip, address, php, spam, htaccess, redirect ] Figuratively speaking, hunting down and killing spammers, scrapers, and other online scum remains one of our favorite pursuits. Once we have determined that a particular IP address is worthy of banishment, we generally invoke the magical powers of ...
- Ultimate htaccess Blacklist
- [ Keywords: htaccess, rewrite, blacklist, block, deny, spam, spammers, scrapers, rippers ] For those of us running Apache, htaccess rewrite rules provide an excellent way to block spammers, scrapers, and other scumbags easily and effectively. While there are many htaccess tricks involving blocking domains, preventing access, and redirecting traffic, ...
- Take Good Care of the Puppy
- Of all the bizarre, nonsensical, and pointless spam we have received so far this year, this one takes the cake. It was delivered to our designated spam account earlier this month as a plain-text email, which opens with an explanation. Apparently, "Bob Diamond" is "an Hiring Manager" looking to advertise a couple of important items. The first ad seems remotely realistic, but the second ad.. it’s like, "teddy bear features" out of nowhere — you can’t be ...
- Invite Only: Visitor Exclusivity via the Opt-In Method
- Web developers trying to control comment-spam, bandwidth-theft, and content-scraping must choose between two fundamentally different approaches: selectively deny target offenders (the "blacklist" method) or selectively allow desirable agents (the "opt-in", or "whitelist" method). Currently popular according to various online forums and discussion boards is the blacklist method. The blacklist method requires the webmaster to create and maintain a working list of undesirable agents, usually blocking their access via htaccess or php. The downside of "blacklisting" is that ...
- Industrial-Strength Spamless Email Links
- In our previous article on creating spamless email links via JavaScript, the presented method, although relatively simple to implement, is not the most effective solution available. Spambots, email harvesters, and other online scumbags relentlessly advance their scanning technology, perpetually rendering obsolete yesterday’s methods. In the case of spamless email links created client-side via JavaScript, many spambots now are able to decipher certain email addresses hidden within the JavaScript code itself. Spambots scan ...
- Disobedient Robots and Company
- In our never-ending battle against spammers, leeches, scrapers, and other online undesirables, we have implemented several powerful security measures to improve the operational integrity of our perpetual virtual existence. Here is a rundown of the new behind-the-scenes security features of Perishable Press: Automated spambot trap, designed to identify bots (and/or stupid people) that disobey rules specified in the site’s robots.txt file. Automated disobedient-robot identification (via reverse IP lookup), admin-notification (via email) and blacklist inclusion (via htaccess). Automated inclusion of ...
- Block Spam by Denying Access to No-Referrer Requests
- Credit for this trick goes to shoemoney.com. What we have here is an excellent method for preventing a great deal of blog spam. With a few strategic lines placed in your htaccess file, you can prevent spambots from dropping spam bombs by denying access to all requests that do not originate from your domain. How does it work? Well, when a legitimate user (i.e., not a robot, etc.) decides to leave a comment on your blog, ...
- Spamless Email Address via JavaScript
- Let’s face it, spam sucks. Give spammers the figurative finger by using this nifty bit of JavaScript to hide your email address from the harvesters. Here is an easy “copy-&-paste” snippet for including a spam-proof email address in your web pages. Although there are a million ways of doing this, I am posting this for the record (and because I just can’t stand deleting usable code). This ...
- Protected: Password Monkey
-
- Phish Phight
- I love reading these things.. Your online credit card account has high-risk activity status. We are contacting you to remind you that on March. 13, 2006 our Account Review Team identified some unusual activity in your account. In accordance with Chase Bank's User Agreement and to ensure that your account has not been compromised, access to your account was limited. Your account access will remain limited until this issue has been resolved. We encourage you to log in ...
- Phish or Die
- Ahh, the joys of stealing from people... Dear Customer Of The WellsFargo Internet Banking ? We Have Noticed That Your Wells Fargo Online Bank Account Needs To Be Updated, because we have made a new updates on our online banking service and we lost some information of our customer online banking accounts, we are sorry for that but you should update your Wells Fargo online bank account. To verify your online account and access your bank account, to be ...
- Pathetic Phishing Attempt
- For a good laugh, consider the following email message: Subject: Attention! Several VISA Credit Card bases have been LOST! Good afternoon, unfortunately some processings have been cracked by hackers, so a new secure code to protect your data has been introduced by visa. You should check your card balance and in case of suspicious transactions immediately contact your card issuing bank. If all transactions are alright, it doesn't mean the card is not lost and cannot be used. Probably, your card ...