Returning the favor…

Posted by joy


With the prevalence of spammers now hitting my referrer logs, I’ve decided to “help them out” and “provide more traffic” to their sites. Here are two of the latest jokers, complete with their IPs.

Host: 66.230.218.66
Url: /
Http Code : 403
Date: Jun 07 11:37:28
Http Version: HTTP/1.1″
Size in Bytes: 1009
Referer: [some porn site]
Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; .WONKZ)

Host: 66.230.218.67
Url: /
Http Code : 403
Date: Jun 07 11:29:52
Http Version: HTTP/1.1″
Size in Bytes: 1009
Referer: [some porn site]
Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; .WONKZ)

I could have merely banned them in the .htaccess file, but I accidentally found out that their source IPs are actually live Web servers (hosting porn of course) and the bot coming from either of the IPs uses the same user agent string. Thusly, some fun with .htaccess….

RewriteEngine on
RewriteCond %{HTTP_USER_AGENT} “(compatible; MSIE 6.0; Windows NT 5.1; .WONKZ)” [NC]
RewriteRule /* http://66.230.218.66 [R,L]

FYI, the IP addys belong to a block of numbers from Candid Hosting, which is apparently a Canadian hosting company. I took a quick look at their Terms of Service, and it appears that they allow adult web sites.

Update: I altered the user agent string to be more specific. Just using the .WONKZ string was not effective.


Comments are closed.