Forum Moderators: Ocean10000 & phranque

Blocking comment spam bots requesting replytocom

How to block comment spam bots requesting replytocom

     
10:31 am on Dec 30, 2011 (gmt 0)

Junior Member

10+ Year Member

joined:Apr 18, 2007
posts:133
votes: 0


I would like to know if there is any way to block bots requesting a page using a spammy query string.

For the past few days, there have been a lot of comment spam bots requesting pages on my WordPress blog using the string ?replytocom=

For instance,
Actual Page: www.examplesite.com/filename/
Requested URL: www.examplesite.com/filename/?replytocom=774

Is there any way to block such requests in htaccess?

I tried using:

RewriteCond %{QUERY_STRING} ^replytocom*
RewriteRule .* - [L,F]

But it's not working.
1:44 pm on Dec 30, 2011 (gmt 0)

Junior Member

10+ Year Member

joined:Apr 18, 2007
posts:133
votes: 0


Also tried the following with no luck:

RewriteCond %{QUERY_STRING} replytocom
RewriteRule .* - [L,F]
2:36 pm on Dec 30, 2011 (gmt 0)

Junior Member

10+ Year Member

joined:Apr 18, 2007
posts:133
votes: 0


Just realized most of them have the following user agents:

Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.5) Gecko/2008120122 Firefox/3.0.5

Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.10) Gecko/2009042316 Firefox/3.0.10

Mozilla/5.0 (Windows NT 5.1; U; en) Opera 8.01

Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1

Any idea how to block these agents?
5:15 pm on Dec 30, 2011 (gmt 0)

Senior Member from US 

WebmasterWorld Senior Member lucy24 is a WebmasterWorld Top Contributor of All Time 5+ Year Member Top Contributors Of The Month

joined:Apr 9, 2011
posts:15892
votes: 876


^replytocom*

isn't valid RegEx syntax. It would mean "begins with the exact text 'replytoco' optionally followed by any number of m's"

RewriteCond %{QUERY_STRING} replytocom

ought to work, since it simply means "contains this element". I'm assuming that legitimate replies don't use the same string.

You can block any specific user-agent with a RewriteCond-- or by various other means such as SetEnvIf followed by a "Deny from..." core directive.

Remember to escape any literal periods, parentheses and spaces. The periods and parentheses are a basic RegEx rule; escaping spaces is specific to mod_rewrite (and probably some other things in Apache). Neglecting to escape . may make your rule fail, or will return false positives so it succeeds too well. Neglecting to escape () will make your rule fail. Neglecting to escape spaces will make your site fail.
5:32 pm on Dec 30, 2011 (gmt 0)

Junior Member

10+ Year Member

joined:Apr 18, 2007
posts:133
votes: 0


Thanks lucy24, I used

RewriteCond %{QUERY_STRING} replytocom
RewriteRule .* - [L,F]

but it's not working.

I accessed the following url after adding the above to htaccess and the page was still accessible:

www.examplesite.com/filename/?replytocom=774

I am guessing this is some WordPress issue. The above URL basically displays the exact same/original page which is

www.examplesite.com/filename/
7:34 pm on Dec 30, 2011 (gmt 0)

Junior Member

5+ Year Member

joined:May 3, 2011
posts:75
votes: 0


This should work.
RewriteCond %{QUERY_STRING} replytocom


In this:
RewriteRule .* - [L,F]

I believe you can remove the L, as it's implied with F.

so:

RewriteRule .* - [F]

You could try REQUEST_URI

RewriteCond %{REQUEST_URI} replytocom
RewriteRule .* - [F]

You may be having a conflict with the WordPress permalink rules.
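
An added example, not posted by anyone in this thread, showing one way rule order can produce the conflict with the WordPress permalink rules mentioned above. It assumes the blog sits in the document root with the stock WordPress .htaccess section, and that the block rule had been placed below that section.

```apache
# Constructed .htaccess (assumption: WordPress in the document root).
# mod_rewrite evaluates rules top to bottom. For a permalink URL such as
# /filename/, the last WordPress rule rewrites to /index.php with [L]; on the
# next pass "^index\.php$ - [L]" ends processing. A block rule placed BELOW
# the WordPress section is therefore never evaluated for these requests,
# so it has to sit above it.

<IfModule mod_rewrite.c>
RewriteEngine On

# Match replytocom only as a parameter name: at the start of the query string
# or right after "&", not anywhere inside another value.
# Caveat: WordPress's own threaded-comment reply links also carry replytocom,
# so this returns 403 to visitors who follow those links as well.
RewriteCond %{QUERY_STRING} (^|&)replytocom= [NC]

# Optional narrowing to one of the user agents listed in the thread. Literal
# periods and spaces are escaped. Uncommented, both conditions must match.
# RewriteCond %{HTTP_USER_AGENT} MSIE\ 6\.0;\ Windows\ NT\ 5\.1

RewriteRule ^ - [F]
</IfModule>

# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>
# END WordPress
```

A request for /filename/?replytocom=774 should then return 403 Forbidden, while /filename/ without the parameter still reaches WordPress.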