There have a lot of comment spam recently, especially comment spam in Blogs
I found yesterday there have one of them can be detected from its characteristic. It using same user user-agent strings call ‘libghttp/1.0′
A user agent is the client application used with a particular network protocol; the phrase is most commonly used in reference to those which access the World Wide Web. Web user agents range from web browsers to search engine crawlers (”spiders”), as well as mobile phones, screen readers and braille browsers used by people with disabilities. When Internet users visit a web site, a text string is generally sent to identify the user agent to the server. This forms part of the HTTP request, prefixed with User-agent: or User-Agent: and typically includes information such as the application name, version, host operating system, and language. Bots, such as web crawlers, often also include a URL and/or e-mail address so that the webmaster can contact the operator of the bot.
Here is the code to block, you can create or put this code to your .htacess.
Please make sure that you enable mod_security in your apache modules
### block comment spam
RewriteCond %{HTTP_USER_AGENT} ^libghttp\/1\.*$
RewriteCond %{REQUEST_METHOD} ^POST
RewriteRule ^.*/trackback/$ - [F]
March 29th, 2007 at 4:32 pm
Thanks for this. My blog just got hit very hard this morning by pharmacy comment spam. They came from random IP address so there was no chance of blocking them by IP. Blocking them by User Agent libghttp/1.0 seems to have worked like a charm, but for some reason I had to change the last line;
RewriteRule .* - [F]
Cheers.