Blocking the xmix spammer
Update
The block below doesn’t work on my server.
But check this page:
http://atomicplayboy.net/blog/2005/01/30/an-introduction-to-mod-security/
And the line you’d need would be:
SecFilterSelective “POST_PAYLOAD” “(xmix)”
But first you need to set up mod_security in .htaccess. Read that article for the specifics. And remember to modify the path to the log.
Be careful with this stuff though. I added that block, and didn’t test it afterwards. The blog barfed, and I had to remove it. - webhost says I don’t have mod_sec on that server, so no wonder.
——————-
Updated April 10
For a block that’s working against the xmix spammer, and any other trackbacks without a user agent, check out this post. It’s the line with the ^$ that works:
http://spamhuntress.com/2005/04/08/wp-trackback-block/
Won’t that block anyone who doesn’t send a User-Agent? There are a few personal firewalls/security packages that block User-Agent for outgoing HTTP traffic that might be affected by it if that is the case.
Yes, if it had worked. It didn’t. But it only would have worked on POST, not GET, which is less of a hazard.
But as it is, I think this one needs to be blocked for payload. I know others have blocks for that, I just don’t remember where they are.
OK, found one:
http://atomicplayboy.net/blog/2005/01/30/an-introduction-to-mod-security/
So, that would be:
SecFilterSelective “POST_PAYLOAD” “(xmix)”
Remember, you need mod_security for this to work.