bots

Hi,

I have a private site which is undergoing a massive attack (without success, already mentioned here: http://drupal.org/node/811734).
An answer was to set up a small javacript that sets a variable and if a robot visits the javascript won't be triggered.
I could then test for the variable & if not set then don't display the comment form.

How would I do that?
Any help is appreciated.

(Note: This proposal has been submitted)

// Idea Summary

The idea is to improve, and implement a feature-rich XMPP API (Extensible Messaging and Presence Protocol) in Drupal 6. Such an API will allow communication between Drupal and other XMPP clients. This will give an alternative on how Drupal systems can notify users of changes/updates. Users might also remotely interact with Drupal, using IM. A generic API will also benefit the Drupal universe as other modules can hook into XMPP when needed.

One of my sites allowed a new user (a spammer, of course) to register and start posting content under the 'authenticated user' role a few days ago, even though my user settings were configured to require admin approval of all new accounts.

One of my low-traffic sites was hit with significant trackback spam. We found out when we were notified by our hosting provider of a significant bandwidth overage for the month.

The spam module was doing a great job of keeping the spam out, but due to the flood of trackback requests during a sustained period, we experienced a massive increase in traffic.

I have now disabled trackbacks on that site (ti's the only site I had set up to allow trackbacks) and have enabled the spam module's "Trackback Black Hole" module so that all trackback requests are dropped immediately.

I just wrote an article about using htaccess to block spambots and scrapers, thought it might be good to post here. In the article, I go over how to block access by user-agent, referrer, IP address, and a few other things.

I've seen a significant increase in referrer spam lately. Starting a few months back, I saw the referrer 'alti.asu.edu' rise to the top of my "Top Referrers in the past N days" logs - along with apparent automated account sign-ups by 'nareman' and comment spam with 'people' in the title.

Banning IP addresses was pointless - a waste of time, because the IP addresses used varied widely over time, and the access patterns seemed to ensure that the spammer wouldn't trigger any kind of flood control - the IP addresses shifted often enough that the IP addresses wouldn't rise to the top of the 'Top Visitors' log. It was like playing Whack-a-mole -- by the time the IP address was on the radar screen, it was too late, the bot was using a different IP address.