Use Hardware Firewall to Block Spam

As I started to use dedicated hosting for my sites - I realized for sure that hardware firewall is the ultimate solution to prevent comment/referral/trackback spam. Social media common-used antispam solutions that exist are passive and lack of power. In the long run help escalating spam attacks and make them more sophisticated. All existing solutions try to fight against people while social media is dealing with sophisticated spam software solutions.

The cost of common antispam tactics

Common-used antispam solutions like:

• deleting spam
• captchas
• banned keywords
• nofollow attribute
• etc

are not effective in the long run and help escalating spam attempts. Spam comes from spam software. Common spam solutions just need a list of keywords and some ad content to be configured initially. Afterwards the machine is able to query search engines for keywords and flood the network with millions of spam attempts while the post requests come from various public IPs and proxies. When it gets http response 200 (nofollow, banned keywords and captchas) - the software believes the attempt was success and will continue and escalate its attempts to spam.

Get hardware firewall

Seems like no-win situation for the blogging world and social media solutions out there ? Not exactly. If it is possible try to get and configure hardware firewall to get rid effectively from comment spammers. It will help make your servers more secure and finish with spam. You will still need to add captchas or some other application-level antispam tactics but it would serve only as additional protection level.

How to configure firewall

I'll try to demonstrate how easy it is to ban thousands of spammy IPs with the help of hardware firewall (I use Cisco PIX Firewall). It is less trivial to get real spammers IPs and distinguish them from public proxies, but I will save this info for another post. Initial configuration (images are clickable):

1. Create a group called something like "Banned group" for the "outside" network.
2. Configure firewall hosts/networks. Put all suspicious IPs on the "outside" network:
   
   

   

3. Configure firewall access rules to deny traffic for this group via http, https:
   
   

   

4. That's it. Next time you want to ban some IP - add it to the "banned" group.

Related Posts:

• Blog Spam: NewsGator Hacked ? (Bug in Spam Software)
• Antispam: WebaltBot = Dirty Spammer
• Thoughts on Comment Spam
• Human Comment Spammers (Distraught Visitors)
• Anti Trackback Spam Patch
• Anti Referral Spam Patch
• x2line Antispam Updates - Implementing nofollow
• Starting to Fight Comment Spammers. Initial Black List
• Dealing with Referral Spam
• Improvement to HIP CAPTCHA control for Blog Engines