betabug... Sascha Welter

home english | home deutsch | Site Map | Sascha | Kontakt | Pro | Weblog | Wiki

17 October 2007

http:BL

Block me with a 403
 

Monday evening I thought about yet another way of making life on my site difficult for comment spammers / email harvesters. I attempted to get a Zope product that would make lookups against the Project Honeypot http:BL blacklist ...and I got that one up and running in about 1.2 hours. In the evening it was basically working. Spent some more hours on Tuesday for writing tests and cleaning up.

Right now it's working/testing on my blog, and some bots already got a bloody nose and a 403. Need to write up some more documentation and then it's time for a first release, even if parts of the functionality are still a bit rough, especially towards changing the policy and glueing in with Zope CMS products. Coming soon at an INSTANCE_HOME near you!

So, what's it doing? It's looking up every visitors IP against a DNS blacklist, much like a lot of SMTP servers are doing nowadays. If the visitors IP is listed in the Project Honeypot database, a simple policy decides to let the visitor view pages or reject them with a 403 "forbidden" HTTP response. There are already a couple of modules around to do these lookups, e.g. for apache 2. My reason for coding this up in Zope is that a.) I don't run apache 2 and b.) I'm not sure that every request needs to be looked up, e.g. stylesheets, images, etc. are not requested by "my" bots anyway.

Update 2007-10-24: The code is released now!


Posted by betabug at 10:16 | Comments (3) | Trackbacks (0)
ch athens
Life in Athens (Greece) for a foreigner from the other side of the mountains. And with an interest in digital life and the feeling of change in a big city. Multilingual English - German - Greek.
Main blog page
Recent Entries
Best of
Some of the most sought after posts, judging from access logs and search engine queries.

Apple & Macintosh:
Security & Privacy:
Misc technical:
Athens for tourists and visitors:
Life in general:
<< HelMUG, Wetter, programmieren und Die Katze auf dem heissen Stoffdach! | Main | Thursday Night at the Benaki Museum >>
Comments
Re: http:BL

Nice idea!
Have not checked if there is something for RoR (in the form of vendor/plugin/, but sure gave me a nice weekend project for the weekend :-) Will drop you a line when I have worked a bit more with it. Perhaps share some ideas? :-)

Posted by: Thanasis K at October 19,2007 10:55
Re: http:BL

Hey Thanasis, according to the http:BL implementations list there is no RoR plugin. I don't remember if you are based in Athens - it could be fun to hook up and show you what I've done in Zope. You could short circuit some of my http:BL research and I could get an inside look at RoR :-) OTOH the http:BL is pretty straightforward, so you sure will figure it out by yourself.

Posted by: betabug at October 19,2007 11:39
Re: http:BL

Hi,
Sorry I do not live in Athens for the moment.
Perhaps we can collaborate electronically. Drop me a line in the email address associated with this post and I am sure we can work something out.

Posted by: Thanasis K at October 24,2007 14:03
Trackbacks
You can trackback to: http://betabug.ch/blogs/ch-athens/698/tbping
http:BL for Zope released!

Finally I have grinded through my ToDo list and yesterday late at night I came to the point where
I can reasonably release a first version of my HoneyPotBL Zope product. This is a product for
Zope 2 that will let you query the " http:BL " DNS Blackli...

Read the linking post here: ch-athens at October 25,2007 10:09
Leave a comment