Skip to content

PHPrbl

Ever had those annoying referrer spammers ruin your website’s statistics? If you run a big website, or a weblog, you must be getting fed up with this blasted referrer spam.

You’re not alone, I have this problem as well and got fed up with the whole thing. After weeks of playing with the idea of blocking referrer spammers using rewrite rules, I got fed up wit the high amount of energy it would demand of me just to block IP addresses that seemed to be open proxies anyway.

Referrer spam

Referrer spam is, simply explained, a client leaving a fake referrer on your website. The statistics program that generates the referrer reports treats this referrer like it would treat any other referrer and list it in your website’s referrer list. These referrer spammers don’t just visit your site once, they visit it several times an hour, resulting in something like this. These referrers have nothing to do with my site whatsoever.

RBL

Upon digging a bit deeper into the muck that was created by this referrer spam, I discovered that most of the originating IP addresses were open proxies. A lot of these open proxies are listed by RBL lists that are primarily used by mailservers to block spammers.

This is where PHPrbl comes in, it checks the IP address of the visiting client against one or more RBL lists and will block the client if it is indeed listed.

I want it!

Okay, you can download version 0.4 of PHPrbl here.

I want to contact you

No problem, you can use this form on my website. Please feel free to
drop a line if you use PHPrbl. Comments and suggestions are welcome too!

Zee grand TODO list

  • Add whitelisting functionality.
  • Add more administrative possibilities.
  • Find a bigger list of RBL services that list open proxies. SORBS was nice, but it also lists dynamic IP ranges. We’d be blocking too big an audience if we used it.
  • The logging to MySQL can definately be rewritten to be more eficcient and more modular, so you can add your own RBL service without needing to rewrite stuff. Done in version 0.2
  • If logging to MySQL is enabled, use the timestamp as a ‘lastseen’ option allowing us to block the IP address even before we do the DNS lookup. This could speed things up, especially on servers that have DNS lookup problems. Done in version 0.3
  • (create own RBL list, to block some IP addresses that are not listed as open proxies, when bored on a rainy afternoon) Had plenty of afternoons to do this now.

Are there drawbacks

Yes, because PHPrbl needs to do a DNS lookup on a hostname, the loading of the page might be a bit slower, depending on the server the site is running on. On my own
sites, I have not noticed any slowdown however.

The prechecking option should improve performance a bit.

Helping out

While I work on a way for people to submit IP addresses for my own RBL, you can help out by donating some money through PayPal :)

Changelog

Version 0.4 – October 26 2005

After too long of an away time, I’ve finally had some time to do some more coding.

  • Streamlined the code based on input given by Steven Lynn. Fewer queries are now used to do the same thing. Thanks!
  • New feature: keywords checking; referrers are now matched to keywords given by the site admin. If a match occurs, the client will be blocked. (For myself this feature has already proven to be very, very effective)
  • First start of an admin area for PHPrbl, for now, only the ability to add and removed keywords is present. Whitelisting and local IP blocklist management will be added soon.

Version 0.3.1 – May 17th 2005

  • Fixed bug: If prechecking was enabled, it would only check against the local database and skip the DNS lookups if no positives were detected. This allowed IP addresses not in the database to access the site and still leave false referrers.

Version 0.3 – May 16th 2005

  • Prechecking using the data in MySQL, no more DNS lookups when it’s not needed
  • Fix of bug, discovered by Steven Lynn, that could result in false positives.

Version 0.2 – May 10th 2005

  • Logging of the last referrer given by an IP
  • Rewrite of logging to MySQL which implies:
    • Previous gathered data is useless
    • IP addresses are now unique in database
    • Hits of IP addresses in the same row
    • Logging of the given referrer for review
  • Added exit code telling the site is protected by PHPrbl

Version 0.1 – May 5th 2005

  • Initial release.

Mumbo Jumbo

PHPrbl – © Eelco Wesemann, 2005

This is free software, released under the GNU/GPL License.