Author Archives: neozeed

WordPress spam…

Posted on by
4

So, I was looking at the start of the year about 8% of my stats was SPAM.yuck. Then something insane happened this week, it jumped to 28%.

So I crossed that point when something would have to be done!

I’ve already installed stuff to detect the spam, and it does a good overall job.  But I wanted to take it to the next level and block all traffic from the spammers! Anyone who SPAM’s probably is engaged in other nonsense that makes me not want their traffic.

Thankfully for me and this brave new era of google, I could quickly find someone has done 99% of the leg work for me right here! Thanks to Sakis’s hard work I was able to add some minor tweaks, and generate a full iptables config, flush & add the new rules, then have cron run it every few minutes.

Pretty cool stuff if I do say so myself!

Since the primary site is now offline, I’ve updated with an archive.org link. For what it’s worth, here is the meat of the article in question:

Dodging WordPress comment spammers

I admit: Allowing anyone to post comments is bad practice. Though, I’ve got my reasons to stand my ground. I’ve many times read something on a blog and to some of them I even had something to add. Could potentially help blog’s author or future visitors by sharing my own experience or request a solution to one of my problems by posting a question. Guess what? I am so lazy that I rarely go through registration procedure, just to enable me posting a comment.

I am one of those that insist dialog and discussion is always constructive as long as both ends feel like establishing it. I do not want to lose the opinion and comments of stopping-by visitors, just because I want a “safe” thing that runs on its own. But, “buts” exist. My blog is currently one month old, still it manages to receive 300+, in average, spam-oriented comments per day, while I’ve even witnessed a 1k/day.

Thank god, WordPress provides blacklist features based both on IP addresses and comment content. And it really does a good job: After messing around with your recent “spam” you can easily end up with a list that accurately detect a non constructive comment. However, you’ve not solved all your problems this way:

  • New comments still come. They are just automatically rated as spam.
  • Your database fills with garbage.
  • Your web traffic statistics are spoiled.
  • You waste bandwidth.
  • You waste CPU time.
  • If your spammer ever stop selling drugs and starts advertising flesh, all your content matching rules go away.
  • If your spammer loose interest into being a blog spammer and switch to a port-scanner, you will receive that too.

How about you refuse them a spare TCP socket? Besides, you don’t even wanna know them. All their connection attempts will end-up to void. Time for some “iptables” magic.

WordPress has already stored their IP addresses within its database. Consult that wp-config.php file you lately edit when you firstly installed WordPress, and refresh your memory on what your database name, username and password is. Mine are:


$ grep "DB_" wp-config.php

define('DB_NAME', 'mywordpress');

define('DB_USER', 'sakis');

define('DB_PASSWORD', 'myextrastrongpassword');

define('DB_HOST', 'localhost');

define('DB_CHARSET', 'utf8');

You now have to use that information into constructing this single-row command:

Check my example:


$ mysql -f -p --user=sakis mywordpress <<<"select distinct CONCAT('iptables -A INPUT -s ',comment_author_IP,'/32 -j DROP') from wp_comments where comment_approved='spam' order by 1 asc" | grep -v "^CONCAT" >> THEY_BOTHER_ME

Enter password:

$ head THEY_BOTHER_ME

iptables -A INPUT -s 113.161.128.232/32 -j DROP

iptables -A INPUT -s 117.121.208.254/32 -j DROP

iptables -A INPUT -s 118.141.141.7/32 -j DROP

iptables -A INPUT -s 118.194.1.157/32 -j DROP

iptables -A INPUT -s 119.235.27.100/32 -j DROP

...

You now have a simple recipe, named “THEY_BOTHER_ME”, ready to be executed (as root):

$ su

# . ./THEY_BOTHER_ME

Make sure you hook “THEY_BOTHER_ME” at your system’s start-up procedure and construct a cron/at job to periodically refresh it.

I’ve created a file named /etc/cron.daily/update_spammers.sh, with the following contents:

#!/bin/sh

fileloc="/etc/THEY_BOTHER_ME"

before=`cat "${fileloc}" | wc -l`
before=`echo ${before}`

cp "${fileloc}" /tmp/BOTHERS.$$

mysql -f --user=sakis --password=myextrastrongpassword mywordpress <<<"select distinct CONCAT('iptables -A INPUT -s ',comment_author_IP,'/32 -j DROP') from wp_comments where comment_approved='spam' order by 1 asc" | grep -v "^CONCAT" >> /tmp/BOTHERS.$$

sort /tmp/BOTHERS.$$ | uniq > "${fileloc}"
rm -f "/tmp/BOTHERS.$$"

. "${fileloc}"

after=`cat "${fileloc}" | wc -l`
after=`echo ${after}`

di=`expr ${after} - ${before}`
di=`echo ${di}`

printf "[%s] Spammers updated. Added %d new spammer(s) (Before: %d, After: %d)\n" "`date`" ${di} ${before} ${after}

And sadly, his original script is now offline.  This should be enough for anyone to get going on this exciting spam adventure…

Elite Dangerous

Posted on by
Reply

There has been some buzz about for years (decades?) about a new Elite game.  Sure the Frontier sequels were simply amazing, but now that PC’s are far more advanced than they’ve ever been, what would Elite look like today?

 

So here is a small taste!

Unlike other video games, there has been a movement afoot of the end customer directly financing the upstart cost for projects to get them off the ground.  The idea being that people themselves may be interested in a product, and they can cut out the middle men of marketers & financiers, and do so in a mob fashion.  Kickstarter is one of many sites built for this purpose.

So I was surprised to find that David Braben (Of recent Raspberry Pi fame), had started one for the future of Elite, right here.  He is trying to raise a hefty £1,250,000 to directly fund this new version of Elite.  Right now he is £683,487 short but has 41 days to go.  I would imagine that one of the reasons of why they want to go this way, is that during the Frontier days when GameTek went bankrupt, leaving much of their distribution and marketing in the air.

Is this madness?  Maybe a tad, but the original developers behind Wing Commander managed to fun their project, Star Citizen on Kickstarter as well!

Of course here is the original pitch video:

 

And be sure to check out the projects website.

Oh yeah, and as part of my jdosbox rescue, I’ve cleaned up the Frontier Elite & First Encounters images so they work now!

So I got to play with a ‘surface’ yesterday

Posted on by
3

Honestly it’s not that bad, the UI is surprisingly snappy.  The thing has a quad core processor, 2GB of ram..  the bundled keyboard… sucks. badly.  I don’t even know why they even made it.

Surprisingly, there is adobe flash on the platform.  Getting to the command prompt was pretty trivial, although I didn’t have any pure unsigned .net exe’s on me to test..  I forgot to check if the runtime included csc.exe …

The price is just too high for the platform to be compelling to be honest, it would have been a contender around the time the iPad launched, but true to MS’s nature they always let others lead before they enter the market.

Maybe after Christmas sales, or the lack of, there will be some motivation on Microsoft’s part to price it more competitively.

Also DOSBox would be a nice to have for Windows RT … but if it is all walled garden crap who knows if that’ll happen easily…

Fallout New Vegas on CrossOver

Posted on by
1

it runs!

So I’ve been dying to play this on OS X for quite some time to no avail.  So after the CrossOver give away I thought I’d be set! .. I installed steam, spent forever downloading and installing Fallout to only get either a blank white screen when running in full screen mode, or a black window running in a window.

So finally messing with ‘bottle’ settings I stumbled on the ability to run a session in an ’emulated desktop’.  And with that setup with a big enough resolution, boom run it again and it works fine in a window!

Sadly I never held onto my save games so looks like I’ll be starting from scratch.