block Wordpress spambot by user agent

[bad_brain]

there's some peak in bot activity on the net, at least when I look at the logs of my servers.

a pretty annoying kind does Wordpress registrations, and it seems to be able to evade nocaptacha recaptcha (the kind where you have to check "I'm not a bot" first and then you have to mark cars or traffic signs).

what they all seem to have in common is the user agent (UA):

Mozilla/5.0 (Windows NT 5.1; rv:7.0.1) Gecko/20100101 Firefox/7.0.1

it's pretty safe to block that UA because a 6-7 year old FF version...seriously?

in .htaccess:

Code: Select all

RewriteEngine on
 RewriteCond %{HTTP_USER_AGENT} Firefox/7\.0\.1 [NC]
RewriteRule !^fuckyou\.txt$ - [F]

[Gogeta70]

I love it... "fuckyou.txt" ha!

[ph0bYx]

Lisa FTW

[bad_brain]

got this in the back of my head since some days already....there must be ways to abuse those bots for fun & profit. had no time to really think about it or to create/analyze a tcpdump of their requests, but there are many possible options, I mean, you can forward their requests with mod rewrite to pretty much anything...

[ayu]

got this in the back of my head since some days already....there must be ways to abuse those bots for fun & profit. had no time to really think about it or to create/analyze a tcpdump of their requests, but there are many possible options, I mean, you can forward their requests with mod rewrite to pretty much anything...

Would be interesting to figure out if they will try to solve "every" captcha presented to them.
Then you could just put it in a captcha loop

[Gogeta70]

Do they process javascript? Have them mine bitcoin!

[ph0bYx]

Do they process javascript? Have them mine bitcoin!

My thoughts exactly!