Comments for IE6 disabled
The last few days I had a huge spamrun targetting my weblog. The attack is pretty stupid, no comments get past coreblog's defenses, but they generate a lot of traffic and confusion in the logs/stats. The botnets the spammers are using seems to be "fresh", so it's mostly not yet in the HoneyPotBL. I had started to block the IP addresses whenever I spotted them, but playing "whack a mole" with spammers gets boring real fast.
Stupid enough, the spammers are abusing the user agent string of IE6. I can't just block that, as still many people use this. But I can block this particular browser from doing POST requests on my server, returning a 403 error code. The requests are still there, but they eat up a lot less resources.
For how it's done on the technical side, read on...
Basically what I do is to change some settings in apache's httpd.conf:
SetEnvIfNoCase User-Agent "^Mo...(user-agent-string-here)$" block_bad_bots_post
... snip ....
<VirtualHost _default_:80>
... snip ....
<Location "/">
Order Allow,Deny
Allow from all
Deny from env=block_bad_bots
<Limit POST>
Deny from env=block_bad_bots_post
</Limit>
</Location>
This allows IE6 users to browse the site (GET requests are succeeding), while they can't POST to forms. They get a 403 status code, with a helpful text (for those cases when a real human being attempts to post a comment). I have another Deny line, for all those user agent strings I totally disallow.
It's a mean world out there.