I use a .htaccess file with, for example: SecFilterEngine On SecFilterScanPOST On SecFilterDefaultAction "deny,log,status:404" SecFilterSelective "REMOTE_ADDR" "^85.25.141." SecFilterSelective "REMOTE_ADDR" "^220.127.116.11$" SecFilterSelective "HTTP_REFERER" "viagra" SecFilterSelective "HTTP_REFERER" "phentermine" SecFilterSelective "HTTP_REFERER" "online-cassino" Actually, my list of REMOTE_ADDR's + HTTP_REFERER's has more than 300 lines. This way apache's mod_security denies access even before the spammer hits my index.php Works like a charm. Regards, -- Eduardo Bacchi Kienetz LPI Certified - Level 2 http://www.noticiaslinux.com.br/eduardo/ On 7/19/06, Chris Hayes <chris at lwcdial.net> wrote: > I've thoughtof numerous methods to avoid this.. and with each method I can > imaginatify (a Bushism 4 sure Yo!)... the anti-method. > > G'luck buddy > > > ----- Original Message ----- > From: "misterhaan" <misterhaan at track7.org> > To: <thelist at lists.evolt.org> > Sent: Wednesday, July 19, 2006 10:17 PM > Subject: Re: [thelist] preventing (further) attempts to spam a site > > > > Sarah Adams wrote: > >> I was thinking that once someone (or a bot) tries to submit a form with > >> bad input (based on evidence of header injection attempts or html where > >> it shouldn't be allowed), rather than simply clean up the input or > >> ignore the request, I could return a 404 header. I was thinking this > >> *might* discourage them from trying again. What are the chances this > >> will make a spammer stop coming back to spam this form? (I wouldn't > >> expect it to stop all spammers, but if it stopped even a few, it might > >> be worth it.) > > I would think a 403 would be more appropriate than a 404, but at the > > same time I'd be surprised if spammers are paying any attention to the > > response they get from the server.