Haven't had much time to work on the site lately, and the comment spam has become a bit of a nuisance, even with the captcha module enabled. The problem? Someone has written a bot that uses "people" as a comment subject, innocuous sounding enough, and http://www.google.com as a homepage.

Now it would be easy enough to simply blacklist the offending IP, but I don't want to first get spam and then have to delete it. No, I'd much rather check that both those conditions (name and url) are inappropriate and then redirect the bot. I could also change the code to check the username, but that is much more variable across the spams I've seen, which is too bad since it it a mandatory field for posting a comment.

So I've tweaked comment.module a little and added the following to take advantage of the neat 403.php script over at the most excellent The Net is Dead tech/design blog:

if ( $edit['subject']="people" && 
     $edit['homepage'] = "http://www.google.com/" ) {
     header("Location: http://jamonation.com/403.php");
   }

and in 403.php I have the following:


<?php
echo "You are a worthless spammer.";
flush();
for($i=0;$i<10;$i++) {
echo "P"; sleep(5); flush();
echo "i"; sleep(5); flush();
echo "s"; sleep(5); flush();
echo "s"; sleep(5); flush();
echo " "; sleep(5); flush();
echo "o"; sleep(5); flush();
echo "f"; sleep(5); flush();
echo "f"; sleep(5); flush();
echo " "; sleep(5); flush();
echo "s"; sleep(5); flush();
echo "p"; sleep(5); flush();
echo "a"; sleep(5); flush();
echo "m"; sleep(5); flush();
echo "m"; sleep(5); flush();
echo "e"; sleep(5); flush();
echo "r"; sleep(5); flush();
echo "
";
}
?>