Blocking all open proxies from posting on site

Giganews Newsgroups
Subject: Blocking all open proxies from posting on site
Posted by:  Mentalguy2k8 (Mentalguy2…@gmail.com)
Date: Thu, 12 May 2011

Hi,

A friend has a small-scale forum site on a 3rd-party Apache server, which is
getting ruined by people using open proxies to post all kinds of crap. He
doesn't have access to the Apache mods, so is using the .htaccess to
blacklist various IP's, User-Agent strings etc.

Problem is, as soon as he adds one proxy, 10 more come along. I came up with
the following idea, is it feasible?

I was thinking of rather than holding a blacklist, use the .htaccess to hold
a whitelist instead. Find every unique IP/block that uses his site
legitimately and add all those, then add a selection of the most popular
(UK, US and Australian) ISP IP blocks and block everything else. I thought
maybe he could use the "access denied" page to link to a separate forum
where the person could post (if they think they've been denied unfairly) and
he could extract the IPs from there and add them, too. Pretty much
everything that comes from outside of the English-speaking world, is
unwanted.

My question is, is there an easier way? His site is literally unuseable most
days until he goes through and deletes hundreds of posts. I figured it would
be better to inconvenience a few users until they get their ISP added to the
whitelist, than to lose visitors because of the crap that's posted there
every day. If there's a more efficient/successful way to implement some form
of filter, I'd love to hear it.

One last question, how many entries would be a safe maximum in the htaccess
file? I've read that too many can cause a slowdown or worse... but he has
two htaccess files - one at the root, and one in the script directory that
the "post" script is kept in, so by utilising the one in the script
directory (and keeping the root one empty), this only makes up about 5% of
the server usage - anyone can read the entire site, but only the whitelisted
visitors can post.

Many thanks for any advice.

Replies