Geeklog Forums

I'm trying to use Spam-X to block some trackback spam, and I'm a little confused.

On the Spamx Admin page, there is an option
"Edit IP blacklist"

I assume this means that if I put a specific IP address in this blacklist, that Spamx will block any posts that come from that IP address, although that's not absolutely clear.

When I click on that link, I get a page with a box to enter an IP, which also says:
"Entries can use full Perl Regular Expressions"

I'm not a Perl regex expert, but I've read some man pages, and it shouldn't be tough to write a regex for an IP range, but I'm not having much luck.

First question is whether the regex needs to be contained between //, as it does in Perl, or whether that is just assumed.

For example, I got a couple of trackback spams from IP address 150.101.110.183.
I decided I wanted to block that class C, 150.101.110.anything

My first attempt was:
/150\.101\.110\.\d*/

But when I entered that, it showed up in the list as
/150

So I tried it without the enclosing //
150\.101\.110\.\d*

But that showed up as
150

From my reading about regex, it seems that I need to code \. instead of . if I want to match just a dot, and not any character. But coding a \ seems to cause everything after it to disappear. I tried using a double \\, and it still didn't work.

I'm also uncertain about what goes at the end, if I could get that far. A lot of wildcard syntax just uses * to indicate any string. But, if I've interpreted regex doc correctly, a * in regex means repeat the previous character or pattern 0 or more times. So I used \d*, because \d is supposed to represent any digit, and the * indicates repetiton.

So far, the only way I've gotten IP blacklist to work is to code a complete single IP address. Any attempts to use a single entry to match multiple IPs fails. Does anybody have an example of how to enter a pattern in the IP blacklist that would block an entire class C range?

Yeah, I complained about that awhile back too. There are some spam-x hacks that I don't think even work, why they are there I have no idea. I changed the function to use eregi instead of that pcre stuff. Also, if you enter any expression with '' it will barf. I've been using phpadmin to edit the DB for my entries. I've been too lazy to fix it on my site.

This works (and is highly recommended ...):

85.255.113.*
85.255.114.*

Have to look into the other examples - this may be simply a case of "too much copy and paste" of text snippets between the Spam-X modules.

bye, Dirk

Yeah ... I think I've seen those addresses too, except in my case Bad Behavior stopped them. I'll go ahead and add them to the IP blacklist too, just in case they fix the behavior that is making BB stop them.

Thanks for the response on the wild card syntax. That is certainly simpler than the regex format.

Edit IP of URL Blacklist

What is this used for?

Byte

For the case where a bunch of different spamvertized domains are all hosted on the same server. This lets you blacklist that server's IP address without having to keep track of all the different domains.

bye, Dirk