{"id":10146,"date":"2006-08-24T11:45:48","date_gmt":"2006-08-24T18:45:48","guid":{"rendered":"http:\/\/hill-kleerup.org\/blog\/wp\/2006\/08\/24\/403-errors-and-anti-spam-measures.html"},"modified":"2006-08-24T11:45:48","modified_gmt":"2006-08-24T18:45:48","slug":"403_errors_and","status":"publish","type":"post","link":"https:\/\/hill-kleerup.org\/blog\/2006\/08\/24\/403_errors_and.html","title":{"rendered":"403 errors and anti-spam measures"},"content":{"rendered":"<p>Posting here for my own reference &#8230;<\/p>\n<p>Avo pinged me last night that he was unable to post a comment to my blog, getting a <a href=\"http:\/\/www.hill-kleerup.org\/403.shtml\" target=\"_blank\">403 error<\/a> (Forbidden).  Hrm.  Weird.  He could read the page, but not click the post or preview buttons.<\/p>\n<p>Was having the same problem this morning.  And he couldn&#8217;t see the little editing button graphics, either.<\/p>\n<p>Hmmmm.  That sounds like something&#8217;s blocking access to the MT executable directory (the editing button graphics are put out there via JavaScript, and the buttons obviously execute .cgi scripts).<\/p>\n<p>Hrmmmm.<\/p>\n<p>I knew I had some banning bits in my .htaccess file.  I&#8217;d glanced at it last night, but hadn&#8217;t seen the IP address (via the 403 error) that Avo mentioned in there.  I looked again this morning and &#8230; bingo.  It was in there, put in by MT AutoBan.<\/p>\n<p><a href=\"http:\/\/blog.thought-mesh.net\/solidwallofcode\/mt_projects\/autoban.php\" target=\"_blank\">MT AutoBan<\/a> is a plug-in I use to ban IP addresses from junk commenters and junk trackbackers.  It&#8217;s pretty spiffy, as it keeps spam attacks from executing the the MT code after more than (configurable) 1 junk comment\/trackback is put in.  That reduces the server burden substantially (even if MT would still block it, it avoids the MT code from having to be executed again).  The ban holds true for (configurable)<br \/>\n48 hours.<\/p>\n<p>Went to the MT AutoBan configuration to confirm those settings, then seeing that it was driven by Junk settings, I went to Junk comments (being certain that Avo wasn&#8217;t sending in Trackbacks).  And there it was &#8212; a comment he&#8217;d put in for <a href=\"http:\/\/www.boulderdude.com\/2006\/08\/i_am_half_the_wit_i_use_to_be.html\" target=\"_blank\">the Humor Test over on BD&#8217;s blog<\/a>.  And since I host BD, it went against my Movable Type configuration.  <\/p>\n<p>It was showing as Junk because he&#8217;d copied in the whole results from the Humor Test, which has a very large number of internal links in it &#8212; enough links that MT&#8217;s SpamLookup system flagged it as junk (comments, generally, only have a few link in them at most &#8212; the Humor Test has several).<\/p>\n<p>(And the lesson here, for my readers, is watch the number of links in what you put into a single comment; on these sorts of things.  I see this most likely in doing responses to these sorts of memes\/personality tests.)<\/p>\n<p>Solving the problem at that point was trivial. I told MT the comment wasn&#8217;t junk, and MT AutoBan rescinded the ban, automagically.  I also tweaked the settings a little bit to lend more weight (hopefully) to &#8220;trusted&#8221; and previously approved commenters.<\/p>\n<p>The system actually worked the way it was supposed to &#8212; I wasn&#8217;t just quite clear where the glitch was initially, nor was Avo (he had seen the problem occur after the comment gave him a message about moderation &#8212; but that was on a different blog than mine, where he was seeing the problem, so ).<\/p>\n<p>Filed for future reference &#8230;<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Posting here for my own reference &#8230; Avo pinged me last night that he was unable to post a comment to my blog, getting a 403 error (Forbidden). Hrm. Weird&#8230;.<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_seopress_robots_primary_cat":"","_seopress_titles_title":"","_seopress_titles_desc":"","_seopress_robots_index":"","_seopress_analysis_target_kw":"","_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_publicize_message":"","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":false,"jetpack_social_options":{"image_generator_settings":{"template":"highway","default_image_id":0,"font":"","enabled":false},"version":2}},"categories":[3,39],"tags":[],"class_list":["post-10146","post","type-post","status-publish","format-standard","hentry","category-blogging","category-spam"],"jetpack_publicize_connections":[],"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"jetpack-related-posts":[{"id":11526,"url":"https:\/\/hill-kleerup.org\/blog\/2007\/08\/07\/oh_the_spamming_outside_i.html","url_meta":{"origin":10146,"position":0},"title":"Oh, the spamming outside is frightful","author":"***Dave","date":"Tue 7-Aug-07 11:10pm","format":false,"excerpt":"Getting hit pretty nastily over the past few days by spambots here -- not that anything has actually made it to the live pages, but my \"junked comments\" and...","rel":"","context":"In &quot;Blogging &amp; Internet&quot;","block_context":{"text":"Blogging &amp; Internet","link":"https:\/\/hill-kleerup.org\/blog\/category\/blogging"},"img":{"alt_text":"spam","src":"https:\/\/i0.wp.com\/www.hill-kleerup.org\/blog\/images\/spam.jpg?resize=350%2C200&ssl=1","width":350,"height":200},"classes":[]},{"id":8934,"url":"https:\/\/hill-kleerup.org\/blog\/2006\/03\/21\/spambastards.html","url_meta":{"origin":10146,"position":1},"title":"Spambastards","author":"***Dave","date":"Tue 21-Mar-06 2:39pm","format":false,"excerpt":"Rrg. More trackback spam, which is causing both server problems and problems using the trackback system to begin with. Have started playing, again, with renaming the trackback CGI file. Also...","rel":"","context":"In &quot;Blogging &amp; Internet&quot;","block_context":{"text":"Blogging &amp; Internet","link":"https:\/\/hill-kleerup.org\/blog\/category\/blogging"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":5853,"url":"https:\/\/hill-kleerup.org\/blog\/2004\/07\/09\/firefox_buttons.html","url_meta":{"origin":10146,"position":2},"title":"Firefox, buttons, MT, rich text editing, and me","author":"***Dave","date":"Fri 9-Jul-04 8:46pm","format":false,"excerpt":"Okay, the code all works (including a small button and an Amazon image button) in the bm_entry (Bookmarklet screen) and edit_entry (MT Edit screen). Woo-hoo, and hoody-hoo. Problem is, I...","rel":"","context":"In &quot;Blogging &amp; Internet&quot;","block_context":{"text":"Blogging &amp; Internet","link":"https:\/\/hill-kleerup.org\/blog\/category\/blogging"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":10414,"url":"https:\/\/hill-kleerup.org\/blog\/2007\/01\/24\/reducing_server_load.html","url_meta":{"origin":10146,"position":3},"title":"Reducing server load","author":"***Dave","date":"Wed 24-Jan-07 11:52am","format":false,"excerpt":"Got an e-mail from the good people at Hosting Matters over the weekend that comment spam activities on my blog were causing some significant server hits, with suggestions on what...","rel":"","context":"In &quot;Blogging &amp; Internet&quot;","block_context":{"text":"Blogging &amp; Internet","link":"https:\/\/hill-kleerup.org\/blog\/category\/blogging"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":12709,"url":"https:\/\/hill-kleerup.org\/blog\/2008\/02\/20\/anti_spam_update.html","url_meta":{"origin":10146,"position":4},"title":"Anti-spam update","author":"***Dave","date":"Wed 20-Feb-08 9:36pm","format":false,"excerpt":"Comments are tending to remain spam-free (thank you, TinyTuring). A few occasionally are popping up as added by real (evil) people at keyboards; these tend to be fairly obvious on...","rel":"","context":"In &quot;Blogging &amp; Internet&quot;","block_context":{"text":"Blogging &amp; Internet","link":"https:\/\/hill-kleerup.org\/blog\/category\/blogging"},"img":{"alt_text":"spam","src":"https:\/\/i0.wp.com\/www.hill-kleerup.org\/blog\/images\/spam.jpg?resize=350%2C200&ssl=1","width":350,"height":200},"classes":[]},{"id":11897,"url":"https:\/\/hill-kleerup.org\/blog\/2008\/01\/05\/installing_movable_type_4.html","url_meta":{"origin":10146,"position":5},"title":"Installing Movable Type 4","author":"***Dave","date":"Sat 5-Jan-08 8:03pm","format":false,"excerpt":"I'm going to use this post to keep track of my MT4 installation.\u00a0 The good folks at Hosting Matters (who are probably sick and tired of my site sucking...","rel":"","context":"In &quot;Blogging &amp; Internet&quot;","block_context":{"text":"Blogging &amp; Internet","link":"https:\/\/hill-kleerup.org\/blog\/category\/blogging"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]}],"_links":{"self":[{"href":"https:\/\/hill-kleerup.org\/blog\/wp-json\/wp\/v2\/posts\/10146","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/hill-kleerup.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/hill-kleerup.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/hill-kleerup.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/hill-kleerup.org\/blog\/wp-json\/wp\/v2\/comments?post=10146"}],"version-history":[{"count":0,"href":"https:\/\/hill-kleerup.org\/blog\/wp-json\/wp\/v2\/posts\/10146\/revisions"}],"wp:attachment":[{"href":"https:\/\/hill-kleerup.org\/blog\/wp-json\/wp\/v2\/media?parent=10146"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/hill-kleerup.org\/blog\/wp-json\/wp\/v2\/categories?post=10146"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/hill-kleerup.org\/blog\/wp-json\/wp\/v2\/tags?post=10146"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}