For those of you who control your Apache server driving your blog and who would like to easily block the incoming tide of spam with the fake user-agent “-- WordPress/2.1-alpha3
” then all you need to do is to add the following to your .htaccess or central Apache configuration.
BrowserMatchNoCase "-- WordPress/2.1-alpha3" spambot=1
deny from env=spambot
allow from all
That should then cause the spammers to bounce off with a 403 “go away” error. You can also lather, rinse, repeat for other spam user-agents you would prefer not to let into the house..
On another point, a couple of them (one each in Brazil, Holland and Israel) had a fake SMTP server listening on port 25:
220 ESMTP service ready
help
250 ok
quit
250 ok
quit
250 ok
bye
250 ok
^]
telnet> quit
Connection closed.
Very odd!
Update: Also see Fight Blog Spam with Apache.
Will this block real trackbacks as well?
Only if they are using that particular alpha release and if they are they’ve got worse problems to worry about than a few trackbacks being blocked. 🙂