
Blocking comment spam postbacks


I was previously trying to prevent comment spam by blocking access by IP address. However, it does appear that this really isn't very suitable. The amount of comment spam did drop from around 500-600 items per day to around 40-60, so it just is not effective enough, and you also run the risk of blocking valid users from accessing the content on the site.

 

I have now come up with a new method which is much safer and does not require the overhead of using a database. I decided to look into the web server logs and noticed that the clients are bots and not really web browsers: they only request and then post back a valid page in an attempt to get the comments to appear on the site. So this new approach uses this to a big advantage.

 

The goal for the following code is simple. We block all postback requests until certain files are requested from the web server, namely the CSS and image files. It is also much safer, as we are not actually going to be blocking any requests for content in the same way the IP blocker was operating. We are only blocking the ability to do postbacks. This is what I managed to put together in a reasonable period of time (around 20 minutes).

 

 

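using System;
using System.Collections.Generic;
using System.Web;

// Blocks POST requests from any IP address that has not yet requested a file under /themes/.
public class BlogAntiSpam : IHttpModule
{
    // Shared by every request thread, so all access goes through CacheLock.
    private static readonly Dictionary<string, CachedIP> IPCache = new Dictionary<string, CachedIP>();
    private static readonly object CacheLock = new object();

    public void Init(HttpApplication App)
    {
        App.BeginRequest += new EventHandler(App_BeginRequest);
    }

    private void App_BeginRequest(object sender, EventArgs e)
    {
        HttpRequest Request = HttpContext.Current.Request;
        HttpResponse Response = HttpContext.Current.Response;

        // Reject postbacks from addresses that have not been enabled yet.
        if (Request.HttpMethod == "POST")
        {
            if (CheckAddress(Request.UserHostAddress))
            {
                Response.Clear();
                Response.Write("Sorry, You Are Banned From This Site!");
                Response.End();
            }
        }

        // A request for a theme file (CSS, images) enables postbacks for that address.
        if (Request.HttpMethod == "GET")
        {
            if (Request.Url.PathAndQuery.StartsWith("/themes/", StringComparison.OrdinalIgnoreCase))
            {
                EnableIP(Request.UserHostAddress);
            }
        }
    }

    // Returns true when the address is still blocked. Unknown addresses start out blocked.
    private bool CheckAddress(string CurrentIP)
    {
        lock (CacheLock)
        {
            if (!IPCache.ContainsKey(CurrentIP))
                IPCache[CurrentIP] = new CachedIP(CurrentIP, true);

            return IPCache[CurrentIP].Block;
        }
    }

    // Marks the address as allowed to post back.
    private void EnableIP(string CurrentIP)
    {
        lock (CacheLock)
        {
            if (!IPCache.ContainsKey(CurrentIP))
                IPCache[CurrentIP] = new CachedIP(CurrentIP, true);

            IPCache[CurrentIP].Block = false;
        }
    }

    public void Dispose()
    {

    }

    // One cache entry per client address.
    internal class CachedIP
    {
        public string IP = null;
        public bool Block = false;

        public CachedIP(string IP, bool Block)
        {
            this.IP = IP;
            this.Block = Block;
        }
    }
}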

 

 

A short note on the above: I have hard-coded this to watch for any requests to the /themes/ directory of the website. This could of course be narrowed down to certain files which may only be referenced inside the CSS files, or use random images loaded from JavaScript or some such, making it so much harder for the spammers to operate.
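Before enabling a gate like this, it can be replayed over existing web server logs to see which postbacks it would have rejected. The following is an added example, not code from the original post. It assumes W3C extended log lines with a `#Fields:` header, and the sample log, addresses and function names are constructed for illustration.

```python
GATE_PREFIX = "/themes/"  # same prefix the module hard-codes

# Constructed sample log; addresses are from documentation ranges.
SAMPLE_LOG = """\
#Fields: date time cs-method cs-uri-stem c-ip sc-status
2010-03-01 10:00:00 GET /post/hello.aspx 192.0.2.10 200
2010-03-01 10:00:01 GET /themes/default/style.css 192.0.2.10 200
2010-03-01 10:00:40 POST /post/hello.aspx 192.0.2.10 200
2010-03-01 10:01:00 GET /post/hello.aspx 198.51.100.7 200
2010-03-01 10:01:01 POST /post/hello.aspx 198.51.100.7 200
2010-03-01 10:02:00 POST /post/hello.aspx 203.0.113.5 200
2010-03-01 10:03:00 GET /Themes/default/logo.png 198.51.100.7 200
2010-03-01 10:03:05 POST /post/hello.aspx 198.51.100.7 200
"""


def replay_gate(log_text, prefix=GATE_PREFIX):
    """Return (allowed, blocked) lists of (ip, path) for every POST in the log."""
    fields, unlocked, allowed, blocked = [], set(), [], []
    for line in log_text.splitlines():
        if line.startswith("#Fields:"):
            fields = line.split()[1:]  # column names follow the directive
            continue
        if not line.strip() or line.startswith("#"):
            continue
        parts = line.split()
        if len(parts) != len(fields):
            continue  # malformed or truncated line
        row = dict(zip(fields, parts))
        ip, method, path = row["c-ip"], row["cs-method"], row["cs-uri-stem"]
        if method == "GET" and path.lower().startswith(prefix):
            unlocked.add(ip)  # mirrors EnableIP()
        elif method == "POST":
            (allowed if ip in unlocked else blocked).append((ip, path))
    return allowed, blocked


def blocked_counts(log_text):
    """Blocked POSTs per IP, the number to compare against real comment volume."""
    counts = {}
    for ip, _ in replay_gate(log_text)[1]:
        counts[ip] = counts.get(ip, 0) + 1
    return counts


if __name__ == "__main__":
    for ip, n in sorted(blocked_counts(SAMPLE_LOG).items()):
        print(f"{ip}: {n} POST(s) would be blocked")
```

An address that is blocked in the replay but fetches a theme file later (198.51.100.7 in the sample) deserves a closer look, since a browser serving the CSS from its own cache sends no request for it and would be rejected the same way.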

