Beating off referrer spam with mod_security

Mod_security so far has been quite effective at beating off the referrer spammers since I installed a few rules. It seems to have gotten even better since using blacklist_to_modsec to generate a bunch of rules based on MT Blacklist.
According to my stats, my server went from serving up at least 50MB of bandwidth/month to spammers (11 000 + requests/month) over the last two months (and that was just 403, 404 and 500 errors) to just 550kB (1500+ requests) so far this month (my default mod_security action is to send a 412 Precondition Failed error). They’re still there and banging away, but instead of having to serve up the entire page requested, all they get is a 350 byte error page. That means a heck of a lot less bandwidth that I have to waste on spammers. There are still a few sneaking through, but it’s not nearly as bad as it was before.
To paraphrase Flo, Kiss my bits spammers.


Discover more from Imablog

Subscribe to get the latest posts sent to your email.