Stop Forum Spam - Attack

Adam Howard

Well-known member
Anyone with a VPS or Dedicate Server could use this

Command: crontab -e

0 12 * * * /home/ >/dev/null 2>&1

echo “”
echo -n “Deleting DROP list from existing firewall…”
#This will delete all dropped ips from firewall
ipdel=$(cat $FILE  | egrep -v ‘^;’ | awk ‘{ print $1}’)
for ipblock in $ipdel
$IPT -D spamhaus-droplist -s $ipblock -j DROP
$IPT -D droplist -s $ipblock -j LOG –log-prefix “DROP Spamhaus List”
echo -n “Applying DROP list to existing firewall…”
#This will drop all ips from spamhaus list.
[ -f $FILE ] && /bin/rm -f $FILE || :
cd /tmp
wget $URL
blocks=$(cat $FILE  | egrep -v ‘^;’ | awk ‘{ print $1}’)
$IPT -N spamhaus-droplist
for ipblock in $blocks
$IPT -A droplist -s $ipblock -j LOG –log-prefix “DROP Spamhaus List”
$IPT -A droplist -s $ipblock -j DROP
$IPT -I INPUT -j droplist
$IPT -I OUTPUT -j droplist
$IPT -I FORWARD -j droplist
echo “…Done”
Now if I could figure out how to change this into an add-on for XenForo .... That would be cool. I've been playing with it, but I seem to have hit a wall.
There wasn't a DoS or anything like that. PHP started to play up in that it was rejecting connections on the unix socket from the webserver. Once PHP restarted, mysql started to load way too much due to an issue with innodb is its lack of support for count(1), my mistake really. Once mysql restarted, the site was slow due to the caches being cold but once they warmed up, everything started working just fine. I've got new code coming that will remove a lot of these issues.