Feature request, block comments depending on user-agent

Resolved jaeger
(@jaegerschnitzel)

6 years, 2 months ago

In the last months there are some spam campaigns that are not recognized by the plugin and I had to delete hundreds of spam comments manually.

After the second attack I tried to delete these comments via phpmyadmin. Then I noticed that all spam comments have the “user_agent” python-requests/2.23.0. This information is only available in the database as far as I can see.
Is it possible to create a new blocking feature where it’s possible to mark comments as spam when a certain user-agent is used?

Viewing 7 replies - 1 through 7 (of 7 total)

Plugin Contributor Torsten Landsiedel
(@zodiac1978)

6 years, 2 months ago

Hi @jaegerschnitzel,

at the moment we do not check the user agent and the filter for adding own patterns is not supporting the user agent too.

The problem is, that the user agent is very unreliable and Chrome is starting to deprecating it already:

https://www.infoq.com/news/2020/03/chrome-phasing-user-agent/
https://www.zdnet.com/article/vivaldi-to-change-user-agent-string-to-chrome-due-to-unfair-blocking/

The whole history of this feature is a disaster.

I do not think this will ever be part of ASB because of the unreliability and easy modification of this string, but maybe we can add this to the regex pattern feature, so that you can build your own solution.

I opened up an issue on Github for this:
https://github.com/pluginkollektiv/antispam-bee/issues/322

All the best,
Torsten

Thread Starter jaeger
(@jaegerschnitzel)

6 years, 2 months ago

Thanks for your fast reply.
That sounds good, I’ll track the Github issue.

Plugin Contributor Torsten Landsiedel
(@zodiac1978)

6 years, 2 months ago

Hi @jaegerschnitzel,

if you are experienced with Github and PHP development feel free to submit a Pull Request with the mentioned changes.

All the best
Torsten

Plugin Contributor Torsten Landsiedel
(@zodiac1978)

6 years, 2 months ago

I’ve now created a Pull Request for this:
https://github.com/pluginkollektiv/antispam-bee/pull/323

Therefore I set this as resolved here. If you track this issue/PR you can see if and when this is integrated.

All the best,
Torsten
Plugin Contributor Torsten Landsiedel
(@zodiac1978)

6 years, 2 months ago
I tried the patch and it doesn’t work, because the data is not available at the state we are processing the comment. This needs more work and I am not sure if this is necessary for this unreliable check …

Maybe you can block this at the server level much easier (this code would be for Apache/.htaccess):
```
RewriteEngine On
RewriteCond %{HTTP_USER_AGENT} python-requests/2.23.0 [NC]
RewriteRule .* - [F,L]
```
Then the whole request gets denied.

Can you try this and report back @jaegerschnitzel?

Thanks and all the best
Torsten
Plugin Contributor Torsten Landsiedel
(@zodiac1978)

6 years, 1 month ago

Hi again @jaegerschnitzel,

after digging a little bit more in the code from WordPress itself, I found a hidden feature (aka bug). The moderation/block list on the discussion settings page can be used with user agent strings too.

Will be fixed/documented with WP 5.5.

See: https://core.trac.ww.wp.xz.cn/ticket/49902

All the best
Torsten

Thread Starter jaeger
(@jaegerschnitzel)

6 years, 1 month ago

Thanks a lot!
This means I can add “user_agent” python-requests/2.23.0” to the block list on the discussion settings page and this kind of spam is automatically blocked? Easier than expected 🙂

Viewing 7 replies - 1 through 7 (of 7 total)

The topic ‘Feature request, block comments depending on user-agent’ is closed to new replies.

Tags