ShoutMeLoud – Shouters Who Inspire

Superlinks
≡ Menu
≡ Menu

Protect any PHP/MySQL site from Spambots and Hackbots

bluehost
Protect any PHP/MySQL site from Spambots and Hackbots

Ash has already shared a useful WordPress tutorial earlier, if you have missed it, Do read: Supercharge your WordPress blog in one hour. If you run a PHP/MySQL site, forum, CMS, or blog and want to keep hackers and spambots from filling up your content with spammy posts or comments, then keep reading. If you like free solutions, then keep reading.

ZB Block is a free script from the famous Zaphod, who has been active on Usenet since the late 1980s. He doesn’t like spam content, so he wrote this great script that you can install.

How to install ZbBlock:

Unzip the file and upload the contents of the zbblock folder to the /zbblock folder on your server:

zbblock0

Upload to /zbblock on the server

If you want to keep out the Chinese and Korean spammers, you are effectively blocking innocent people from those countries. If you don’t care about that, then also download and unzip the China and North Korea blocks file.

Take the customsig.inc file and in the provided gap insert the contents of the above file. It looks like this:

zbblock2

Chinese and Korean IP blocks

zbblock1

customsig.inc

You can add any other country blocks using the above formats but keep in mind that the smarter spammers use proxies and infected PCs, so nothing is 100% foolproof. I notice that Asian spammers get a web host in the US where they run a proxy server so I tend to block popular US hosting providers as this doesn’t block normal Americans who go directly from their home/work PC to your site. Too bad for the few Americans who use legit proxies on their web host accounts.

Run the setup.php script and follow the instructions. (After you have run it successfully, you can’t reach it again.)

Essentially, you have to add a special tag at the very beginning of every page you want to protect. For a WordPress site, you can open up header.php:

zbbwp1

Insert the ZB Block tag at the start of the page.

Notice that there is no space between the ZBB tag and the start of the doctype. This is very important.

Testing security of your WordPress blog

You can fly to China, er, no, there is an easier way. At the end of your site URL after the slash, add “?test=xtestx” and you should see a screen like this:

zbblock3

That’s it.

Go ahead, and improve your WordPress blog security. If your blog is hacked, there are many WordPress plugins to check your blog. Also, try WordFence WordPress plugin, which will help you to further improve the security of WordPress blog.

This is a guest post by Ash NallaWalla who blogs at ceviews.org. If you like to write for Shoutmeloud, do read: Shoutmeloud revenue sharing program.

  • Author Bio

  • Latest Post

Article by ash_nallawalla

Ash has written 2 articles.

If you like This post, you can follow ShoutMeLoud on Twitter. Subscribe to ShoutMeLoud feed via RSS or EMAIL to receive instant updates.


{ 18 comments… add one }

  • Atys

    is there any client side script to block blogs without post/comment dates?

    Reply
  • Lane Lester

    The hacker type I have showing up on my WordPress sites is the “C4 Parana Defacer.” I have a number of security fixes in place, but they still get through. I hope this script will do the job, and I will spend some time at the ZB Block site to learn more about it.

    Thanks for posting about it and how to use it with WordPress. Also thanks for having the email followup function.

    Reply
  • ash_nallawalla

    Thanks, Zaphod. For the benefit of others, the link requires one to be logged in, else it returns an error. Will be updating my signatures in the morn.

    Reply
    • Zaphod

      Strange, I logged out, and it still displayed, as it should.

      The update forums are supposed to be public. So I am a little surprised.

      Reply
  • Zaphod

    How is my script working out for you guys?

    (Yes, I have Google alerts set to provide notice of people talking about my script. Sorry for the intrusion.)

    Zap :)

    Reply
  • fareed@smashblogtips

    excellent post i am going to try this software, thank you for sharing

    Reply
  • Najeeb Puthiyallam

    Great but i think its not an effective way to do so. Still hacking is possible i believe. Anyway lets give a try :)

    Reply
    • ash_nallawalla

      What would be a better way to do it? A cracker would prefer to bring down some prominent site than a random one where the owner might not even know about it. Witness those sites that still show the defacement by Turkish hackers on the home page.

      Reply
  • Tinh

    Great tool but does this help prevent botnet?

    Reply
    • ash_nallawalla

      It can’t prevent botnets because their IPs are random PCs all over the world. But a lot of site owners get fed up of dealing with Chinese spam in particular and I am seeing >90% from Beijing area IPs. I also block large chunks of US web hosts because hosting accounts are used for some spam proxies.

      Reply
      • Tinh

        Is there any tool that can prevent botnet? Thanks

        Reply
        • ash_nallawalla

          An AK47 is quite effective, I am told. :)

          Did you mean preventing botnets from occurring, or preventing a botnet from attacking your site? The former won’t happen until perhaps IPv6 becomes ubiquitous. You can’t prevent a botnet attack other then by disconnecting from the Internet, since they can use any IP address. All you can do is install a script like this one, follow some of the recommended changes, harden the server, and then cross your fingers.

  • Free Hosting @letwebhost

    haha really Great tool I think.I will try to use use this tool .Spammers bye bye

    Reply
  • Gojeg

    Hmm..spambots and hackbots will be a serious problem if we don’t care about this. :P

    Reply
  • 113tidbits

    I would add a 403 bounce to the crappy spam countries via htaccess.

    Reply
    • ash_nallawalla

      But this is what Zbblock does.

      From its website: “This php security script is designed to detect certain behaviors detrimental to websites, or known bad addresses attempting to access your site. It then will send the bad robot (usually) or hacker an authentic 403 FORBIDDEN page with a description of what the problem was. If the attacker persists, then they will be served up a permanently reccurring 503 OVERLOAD message with a 24 hour timeout.”

      Reply

Leave a Comment