Reimar schrieb am 23.01.24 um 09:41:43:
Good work ! Thanks for these lines !
You can also block whole countries if you are interested.
No, blocking entire countries is not in my principles. I know that there are webmasters or service operators who receive a lot of spam or have a lot of harvesters from China or other countries, but blocking entire countries is not in my line. There are many visitors coming from all over the world, including China.
Instead I am incorporating a different approach that I am experimenting with these days, I copy the code:
Code (PHP):####################################################################
### edit to avoid spam
####################################################################
function honeypot($ip, $referer, $country, $time_stamp){
// key for SPAM service honeypot https://www.projecthoneypot.org
$access_key = "abcdefghilmnop";
$file = "bot_SPAM.txt";
$domain_name = trim(gethostbyaddr($ip));
$date = date("H:i:s d/m/Y",$time_stamp);
// invert IP
$reversed_ip = implode('.', array_reverse(explode('.', $ip)));
// do query DNS
$query = $access_key . "." . $reversed_ip . ".dnsbl.httpbl.org";
// execute query DNS
$response = gethostbyname($query);
// check if IP is legit
if ($response != $query) {
// IP not legit
// analyze the type of threat
$response_array = explode('.', $response); //127.x.y.z
// must be 127
$version = $response_array[0];
if ($version <> 127){
//same thing is wrong in answer of honeypot server
return;
}
// The second octet indicates the number of days since the IP was last seen
$days = $response_array[1];
// The third octet indicates the IP threat score (0 to 255)
$threat = $response_array[2];
// The fourth octet indicates the type of visitor (bitwise)
$type = $response_array[3];
// Define constants for visitor types
define('SEARCH_ENGINE', 0);
define('SUSPICIOUS', 1);
define('HARVESTER', 2);
define('COMMENT_SPAMMER', 4);
$visitatore = ""; //type of visitor
// Check if the visitor is a search engine
if ($type == SEARCH_ENGINE) {
echo "Il visitatore è un motore di ricerca.";
$visitatore .= "SEARCH_ENGINE ";
}
// Check if the visitor is suspicious
if ($type & SUSPICIOUS) {
echo "Il visitatore è sospetto.";
$visitatore .= "SUSPICIOUS ";
}
// Check if the visitor is a harvester
if ($type & HARVESTER) {
echo "Il visitatore è un harvester.";
$visitatore .= "HARVESTER ";
}
// Check if the visitor is a comment spammer
if ($type & COMMENT_SPAMMER) {
echo "Il visitatore è un comment spammer.";
$visitatore .= "COMMENT_SPAMMER ";
}
file_put_contents($file, $date ." * ". $visitatore ."* ". $ip ." * ". $country ." *". $referer ."* $domain_name\n", FILE_APPEND);
exit;
}
else {
// The response is invalid, meaning that the IP is not present in the database
echo "The visitor is not in the Project Honey Pot database.";
// IP probably legitimate, from a legal user
return;
}
}