スパム対策

2021-07-10 12:36:03 +09:00 · 2021-07-10 12:36:03 +09:00 · b3619bebd8
--- a/public/blacklist.dat
+++ b/public/blacklist.dat
--- a/public/blacklist.php
+++ b/public/blacklist.php
@ -0,0 +1,23 @@
+<?php
+  $badbot = 0;
+  /* look for the IP address in the blacklist file */
+  $filename = "./blacklist.dat";
+  $fp = fopen($filename, "r") or die ("Error opening file ... <br>\n");
+  while ($line = fgets($fp,255))  {
+    $u = explode(" ",$line);
+    $u0 = $u[0];
+    if (preg_match("/$u0/",$_SERVER['REMOTE_ADDR'])) {$badbot++;}
+  }
+  fclose($fp);
+  if ($badbot > 0) { /* this is a bad bot, reject it */
+    sleep(12);
+    print ("<html><head>\n");
+    print ("<title>BOT、消えろ</title>\n");
+    print ("</head><body>\n");
+    print ("<center><h1>来たわねｗｗｗｗｗｗ</h1></center>\n");
+    print ("<p><center>残念けど、こちらは人間以外立入錦糸。</center></p>\n");
+    print ("<p><center>オメェーはきゃわいいロリ警察官に報告されたから、早速消えろ！！</p>\n");
+    print ("</body></html>\n");
+    exit;
+  }
+?>
--- a/public/bot-trap/index.php
+++ b/public/bot-trap/index.php
@ -0,0 +1,39 @@
+<html>
+  <head><title> </title></head>
+  <body>
+  <p>ニャンでここに？</p>
+  <p><a href="https://technicalsuwako.jp/">戻れ</a></p>
+  <?php
+    /* whitelist: end processing end exit */
+    if (preg_match("/10\.22\.33\.44/",$_SERVER['REMOTE_ADDR'])) { exit; }
+    if (preg_match("Super Tool",$_SERVER['HTTP_USER_AGENT'])) { exit; }
+    /* end of whitelist */
+    $badbot = 0;
+    /* scan the blacklist.dat file for addresses of SPAM robots
+       to prevent filling it up with duplicates */
+    $filename = "../blacklist.dat";
+    $fp = fopen($filename, "r") or die ("Error opening file ... <br>\n");
+    while ($line = fgets($fp,255)) {
+      $u = explode(" ",$line);
+      $u0 = $u[0];
+      if (preg_match("/$u0/",$_SERVER['REMOTE_ADDR'])) {$badbot++;}
+    }
+    fclose($fp);
+    if ($badbot == 0) { /* we just see a new bad bot not yet listed ! */
+    /* send a mail to hostmaster */
+      $tmestamp = time();
+      $datum = date("Y-m-d (D) H:i:s",$tmestamp);
+      $from = "badbot-watch@076.ne.jp";
+      $to = "reports@076.ne.jp";
+      $subject = "domain-tld alert: bad robot";
+      $msg = "A bad robot hit ".$_SERVER['REQUEST_URI']." ".$datum." \n";
+      $msg .= "address is ".$_SERVER['REMOTE_ADDR'].", agent is ".$_SERVER['HTTP_USER_AGENT']."\n";
+      mail($to, $subject, $msg, "From: $from");
+      /* append bad bot address data to blacklist log file: */
+      $fp = fopen($filename,'a+');
+      fwrite($fp, $_SERVER['REMOTE_ADDR']." - - [".$datum."] ".$_SERVER['REQUEST_METHOD']." ".$_SERVER['REQUEST_URI']." ".$_SERVER['SERVER_PROTOCOL']." ".$_SERVER['HTTP_REFERER']." ".$_SERVER['HTTP_USER_AGENT']."\n");
+      fclose($fp);
+    }
+  ?>
+  </body>
+</html>
--- a/public/img/pixel.gif
+++ b/public/img/pixel.gif
--- a/public/robots.txt
+++ b/public/robots.txt
@ -1,2 +1,2 @@
 User-agent: *
-Disallow:
+Disallow: /bot-trap/
--- a/resources/views/pages/common/comments.blade.php
+++ b/resources/views/pages/common/comments.blade.php
@ -2,9 +2,10 @@
 	<h3 class="comments-count section-heading uppercase"><span>{{ $comment['total'] }} 件のコメント</span></h3>
  <div style="margin: 12px 0;">
    @if ($isvideo !== 'n')
-      <form class="notbot" action="/comment/new" method="post">
+      <form id="notbot" class="notbot" action="/comment/new" method="post">
        @csrf
        @if ($user == new stdClass())
+          <a href="/bot-trap/"><img src="/img/pixel.gif" border="0" alt=" " width="1" height="1"></a>
          <div class="form-group row">
            <div class="col-md-4 col-lg-3">名前</div>
            <div class="input-group col-md col-lg">
@ -36,7 +37,7 @@
        <input type="hidden" name="slug" value="{{ $slug }}" />
        <div class="row" style="margin-top: 16px;">
          <div class="col">
-            <input name="submit" type="submit" class="btn btn-block btn-primary" value="送信" />
+            <input id="notbot" name="submit" type="submit" class="btn btn-block btn-primary" value="送信" />
          </div>
        </div>
      </form>
--- a/resources/views/theme/techsuwa/site.blade.php
+++ b/resources/views/theme/techsuwa/site.blade.php
@ -1,4 +1,7 @@
-<?php $user = getUser(); ?>
+<?php
+  include("blacklist.php");
+  $user = getUser();
+?>
 <!DOCTYPE html>
 <html lang="{{ app()->getLocale() }}">
 <head>
@ -15,9 +18,6 @@
  @include('theme.'.env('THEME').'.component.colors')
 </head>
 <body>
-  <noscript>
-    <style>.notbot { display: none; }</style>
-  </noscript>
  @include('theme.'.env('THEME').'.component.navbar')
  <main id="app">
    <section>
@ -29,6 +29,11 @@
            @include('theme.'.env('THEME').'.component.usermenu')
          </div>
          <div class="col-md">
+            <noscript>
+              <style>
+                #notbot { display: none !important; }
+              </style>
+            </noscript>
            @include('theme.'.env('THEME').'.component.contentedit')
            @yield('content')
          </div>
@ -41,5 +46,8 @@
  <!-- Scripts -->
  <script src="{{ asset('js/jquery.js') }}"></script>
  <script src="{{ asset('js/bootstrap.js') }}"></script>
+  <script>
+    document.getElementById("notbot").style.display = "block";
+  </script>
 </body>
 </html>