Submitted by patrick on Fri, 03/18/2011 - 02:43
Posted in
Hooray! I finally opened my ScenePainter website up for the public, did some minor SEO for it and after only about a week or two, my most diligent user is a russian spambot. It visits me about once every half an hour and tries to publish it's crap in a "head against the wall fashion": It first tries to log in, then attempts to add a new node eleven(!) times, but fails on several required fields.
Apart from it's obnoxious persistence, the most interesting thing about this bot is that, from time to time, somebody actually seems to bother to register new user accounts for it. I mean, who takes the time to deal with the CAPTCHA on the registration page but doesn't care to check whether or not it's worth the effort?
More importantly: Who actually pays for bulk linkspam that is neither useful for SEO purposes nor can be expected to stay up long enough to bring in customers?
And here we have my problem: The linkspam does not make it through on my website, as the bot fails to fill in required form fields. So, even if I'd be willing to allow it to successfully publish some nodes, it wouldn't be able to do so. Which, of course, means that I only see the failed POST attempts in the webserver log, but not who's trying to advertise their crap on my pages.
So, in essence, I need a Drupal module that logs failed HTTP POST requests to a file (I really don't need to put junk into my database). Well, not that difficult:
<?php function intercept_user($op, &$edit, &$account, $category = NULL) { //if ($op == 'validate') _log(); } function intercept_nodeapi(&$node, $op, $a3 = NULL, $a4 = NULL) { if ($op == 'validate') _log(); } function _log() { // Change this to where you want to log it. Make sure, the webserver has write permission. $logfile = "/var/log/requestslog.txt"; $fh = fopen($logfile, 'a') or die("can't open file"); fwrite($fh, "\n\n---------------------------------------------------------------\n"); fwrite($fh,date(DATE_RFC822)."\n"); fwrite($fh,$_SERVER['REMOTE_ADDR']."\n"); foreach($_SERVER as $h=>$v) { if(ereg('HTTP_(.+)',$h,$hp)) fwrite($fh, "$h = $v\n"); } fwrite($fh, var_export($_POST,true)); }
And the .info file for it:
; $Id$ name = Interceptor description = Intercept and log POST requests for nodes core = 6.x
Simply put these two snippets in files called intercept.module and intercept.info respectively.
Oh and for the curious: I'm being spammed with cigarette and wrist watch replica advertisement from a supplier who jumps through every hoop there is to conceal his identity. Go figure.