DEVHIDE
Login Or Sign up

Should I use a DNSBL to check web traffic to block spammers?

624 Views Asked by At

Rather than solely fighting off spam with CAPTCHAs and spam comment checkers - is it a good idea to check each request against a DNSBL and block the user if they are using a bad IP?

$blacklists = array('web.sorbs.net', 'opm.tornevall.org');
$parts  = explode('.', $_SERVER['REMOTE_ADDR']);
$ip  = implode('.', array_reverse($parts)) . '.';
foreach($blacklists as $bl)
{
    $check = $ip . $bl;
    if ($check != gethostbyname($check))
    {
        error_log('PHP Security: [DNSBL] - ' . $_SERVER['REMOTE_ADDR'] . ' - ' . $bl);
        die('Put a detailed error here so the client knows why they have been blocked');
    }
}

It seems like the only problems would be over-zealous IP blocking of good users by the DNSBL or the large cost of making a DNS lookup each request.

php spam-prevention dnsbl
Original Q&A
2

There are 2 best solutions below

2
On BEST ANSWER

This might help, but you will have to take two things into consideration: False Positives and False Negatives.

DNSBLs tend to have quite a few of both. False Positives that hit innocent users, and False Negatives that will miss good chunks of botnets. The best solution I have found for dealing with spam online is to use CAPTCHAs.

0
On

The lookup you're doing there is by the way not enough, you should consider using something like the code below instead. Besides, this code also supports the kind of ipv6-resolving that dnsbl.tornevall.org is supporting.

function rblresolve ($ip = '', $rbldomain = '')
{
   if (!$ip) {return false;}                       // No data should return nothing
   if (!$rbldomain) {return false;}        // No rbl = ignore

   // New ipv6-compatible function
   $returnthis = (long2ip(ip2long($ip)) != "0.0.0.0" ? explode('.', gethostbyname(implode('.', array_reverse(explode('.', $ip))) . '.' . $rbldomain)) : explode(".", gethostbyname(v6arpa($ip) . "." . $rbldomain)));
   // 127-bug-checking
   if (implode(".", $returnthis) != (long2ip(ip2long($ip)) != "0.0.0.0" ? implode('.', array_reverse(explode('.', $ip))) . '.' . $rbldomain : v6arpa($ip) . "." . $rbldomain)) {return $returnthis;} else {return false;}
}
function v6arpa($ip)
{
   $unpack = unpack('H*hex', inet_pton($ip));
   $hex = $unpack['hex'];
   return implode('', array_reverse(str_split($hex)));
}

Related Questions in PHP

Related Questions in SPAM-PREVENTION

Related Questions in DNSBL

Trending Questions

Popular # Hahtags

javascript python java c# php android html jquery c++ css ios sql mysql r reactjs node.js arrays c asp.net json python-3.x ruby-on-rails .net sql-server swift django angular objective-c pandas excel

Popular Questions

Copyright © 2021 Jogjafile Inc.