mod_antispam 1.0 review

Download
by rbytes.net on

mod_antispam is an apache module which can control referer spam. By using this module, you can control referer spam accesses

License: The Apache License 2.0
File size: 8K
Developer: Hideo NAKAMITSU
0 stars award from rbytes.net

mod_antispam is an apache module which can control referer spam.

By using this module, you can control referer spam accesses. As you know, sometimes you can see referer spam access in your log files. their purpose is to lead you to spam website by recording their website address in your log files.

Spammers always use bots/tools to connect your website with invalid referer.
when http server gets some HTTP_REFERER from clients, mod_antispam will connect to that website and try to find link to your website from the target.

If address is not found, module will update blacklist file automatically not to connect there later. and if your address found, update whitelist automatically not to connect here later.

Also you can edit white/black lists by hands using regular expressions.

The most important thing is HTTP_REFERER in your log files is generated from client's web browser. therefore, people who knows referer mechanism can fake their HTTP_REFERER using some tools or by hands.

When this module finds any spam URI, you can choose some actions.

(1) [Test]
record spam address into blacklist and access is allowed (test mode)
(2) [Replace]
Rejectrecord spam address into blacklist and rewrite HTTP_REFERER to none and access allowd.
by this method, access is allowed and spam address is not added in your logfile
(3) [Reject]
record spam address into blacklist and return HTTP_FORBIDDEN (access denied)
(4) [ReplaceReject]
record spam address into blacklist and rewrite HTTP_REFERER to none and access denied.

By this method, access is denied and spam address is not added in your logfile
in some case (3) or (4) is dangerous. because some websites need cookie to display their website, some site is protected by authentication. (e.g. BBS in the groupware) or some HTTP_REFERER maybe intranet address.

(e.g. http://127.0.0.1/bookmark.html, http://intranet/bookmarks.html)

This module doesn't support cookie and can't connect to authorized website, because module doesn't know that username or password.

First you should use Test or Replace mode and choose another methods when you can analyze spam URI if you need.

mod_antispam 1.0 keywords