[wp-hackers] wp-denyhost

Per Søderlind per at soderlind.no
Fri Apr 18 02:20:51 GMT 2008


Alexander Beutl
> 
> Cool. Very cool indeed!
> 
> But maybe you could add an option to write this blocking to htaccess
> after it was detected to be a "need to block" IP) - this would stop
> spammers from even bothering to start the php parser and to load the
> stuff wordpress loads before the init actions - when they knock on the
> door apache would just throw an errorcode after them and hopefully hit
> their head ;-)
> 

This might work (not tested :)

In .htaccess:
php_value auto_prepend_file suspect.php

suspect.php:
<?php
define('WP_USE_THEMES', false);
require('./wp-blog-header.php');

$suspect = $_SERVER["REMOTE_ADDR"];
$count = (int) $wpdb->get_var("SELECT COUNT(comment_ID) FROM $wpdb->comments  WHERE comment_approved = 'spam' AND comment_author_IP LIKE ('%$suspect%')");

if ($count >= 1) {		
	header("HTTP/1.1 403 Forbidden");
	die();
}
?>

../PerS



More information about the wp-hackers mailing list