2

I'm trying to block a range of IP that is sending tons of spam to my blog. I can't use the solution described here because it's a shared hosting and I can't change anything to the server configuration. I only have access to a few options in Remote IIS.

I see that the URL Rewrite module has an option to block requests, so I tried to use it. My rule is as follows in web.config:

            <rule name="BlockSpam" enabled="true" stopProcessing="true">
                <match url=".*" />
                <conditions logicalGrouping="MatchAll" trackAllCaptures="false">
                    <add input="{REMOTE_ADDR}" pattern="10\.0\.146\.23[0-9]" ignoreCase="false" />
                </conditions>
                <action type="CustomResponse" statusCode="403" />
            </rule>

Unfortunately, if I put it at the end of the rewrite rules, it doesn't seem to block anything... and if I put it at the start of the list, it blocks everything! It looks like the condition isn't taken into account.

In the UI, the stopProcessing option is not visible and is true by default. Changing it to false in web.config doesn't seem to have any effect.

I'm not sure what to do now... any ideas?

Community
  • 1
Thomas Levesque
  • 161
  • 2
  • 2
  • 8

1 Answers1

6

#1 WP Plug-in

Wordpress, check out the follow, you may or may not need a plug-in

  1. Read this link discuss various WP anti-spam plugin and tuning WP setting so you don't need plugin.
  2. Top 10 WP Anti-spam plugin
  3. Wordpress plugin page

Since you do have control over the web server, installing plugin should be no problem.

#2 IIS Web.config

IP base blocking can be done with IIS Web.config, following is example for allowing all but blocking specific IPs

<security>
   <ipSecurity allowUnlisted="true">    <!-- this line allows everybody, except those listed below -->            
       <clear/>     <!-- removes all upstream restrictions -->                
       <add ipAddress="83.116.19.53"/>     <!-- blocks the specific IP of 83.116.19.53  -->                
       <add ipAddress="83.116.119.0" subnetMask="255.255.255.0"/>     <!--blocks network 83.116.119.0 to 83.116.119.255-->                
       <add ipAddress="83.116.0.0" subnetMask="255.255.0.0"/>     <!--blocks network 83.116.0.0 to 83.116.255.255-->                
       <add ipAddress="83.0.0.0" subnetMask="255.0.0.0"/>     <!--blocks entire /8 network of 83.0.0.0 to 83.255.255.255-->                
   </ipSecurity>
</security>

More info in this link.

#3 IIS Web.config rewrite

Found following here, maybe you can try it.

<!-- Heading for the XML File -->
<?xml version="1.0" encoding="UTF-8"?>
<configuration>
    <system.webServer>
        <rewrite>
            <!-- This is where the rules start, this one will block EVERYTHING on your site with the <match url=".*" /> -->
            <rules>
                <rule name="Blocked Users" stopProcessing="true">
                    <match url=".*" />
                    <conditions>
                        <!-- This will just go to the 'Bad Ips' rewriteMap below and compare it to the REMOTE_ADDR which is the requesting IP -->
                        <add input="{Bad Ips:{REMOTE_ADDR}}" pattern="1" />
                    </conditions>
                    <!-- Actions can be Custom Rewrite, Redirect, or Just Abort Request, uncomment examples as needed -->
                    <action type="CustomResponse" statusCode="403" statusReason="Forbidden" statusDescription="Forbidden" />
                    <!-- This one will rewrite url to specified file
                    <action type="Rewrite" url="error.html" appendQueryString="false" /> -->
                    <!-- This on will redirect to another site
                    <action type="Redirect" url="http://www.google.com" appendQueryString="false" /> -->
                    <!-- This one will just Abort
                    <action type="AbortRequest" /> -->
                </rule>
            </rules>
            <!-- This rewrite Map is where you choose your blocked IP's, values with 1 are blocked, all others are ignored, simple add your keys -->
            <rewriteMaps>
                <rewriteMap name="Bad Ips">
                    <!-- This one will use wildcards -->
                    <add key="108.166.*.*" value="1" />
                    <!-- This one wil use static IP -->
                    <add key="12.13.15.16" value="1" />
                </rewriteMap>
            </rewriteMaps>
        </rewrite>
    </system.webServer>
</configuration>
John Siu
  • 3,577
  • 2
  • 15
  • 23
  • Thanks, but I don't want to detect these spams at Wordpress level. I already use Akismet, and I blacklisted the IPs in WP, but the volume of these spams is such that the dashboard becomes unusable until I delete them. I just want to stop answering requests from these addresses – Thomas Levesque Nov 12 '12 at 09:21
  • I updated the answer with Web.config IP base blocking. – John Siu Nov 12 '12 at 15:11
  • Thanks, but this is assuming that the IP restriction role is installed. Unfortunately it's not the case, and since it's a shared hosting I can't install it. The URL Rewrite module seems to be my only option. – Thomas Levesque Nov 12 '12 at 15:31
  • Added a rewrite method found in web. – John Siu Nov 13 '12 at 08:19
  • This looks promising, but it doesn't seem to have any effect... thanks anyway. – Thomas Levesque Nov 13 '12 at 10:43