As I wrote in my last entry, I’ve been forced to take measures against trackback spam.
The patch is proving effective, so I produce it here in the hope it will help some of you, too. Note that this patch uses the same bad_words file that my comment spam patch used. In fact, the code is very similar, too. This should probably be factored into a single function, but I’m feeling lazy.
Anyway, with patch this in place, your MT 2.661 system will auto-ban any IP address that attempts to send you a trackback ping that contains any of the regular expressions in bad_urls. These strings should be listed one per line. They’ll be tried until either one matches or the end of the list is reached. If none match, the trackback is allowed through.
--- Trackback.pm.orig 2003-02-23 17:45:55.000000000 -0800 +++ Trackback.pm 2005-02-04 00:32:40.441507672 -0800 @@ -158,6 +158,28 @@ } } + # Check for trackback spam + my $bad_words = '/var/www/cgi-bin/lib/MT/App/bad_words'; + if (-f $bad_words) { + my @bad_words; + my $bad_word; + open(WORDS, $bad_words); + push @bad_words, $bad_word while chomp($bad_word = <WORDS>); + + my $regex = join '|', @bad_words; + if ($title && $title =~ /$regex/i) { + require MT::IPBanList; + my $ipban = MT::IPBanList->new(); + $ipban->blog_id($tb->blog_id); + $ipban->ip($user_ip); + $ipban->save(); + $ipban->commit(); + $app->log("IP $user_ip banned, because of bad trackback: $title"); + return $app->handle_error($app->translate( + "You have been banned from sending trackbacks: [_1]", $title)); + } + } + ## Check if user has pinged recently #my @past = MT::TBPing->load({ tb_id => $tb_id, ip => $host_ip }); #if (@past) { |