Bad Bot Trap - repaired

[MrP]

After reading KenW3's post about a Bot Trap in This tread, I thought I would try it out myself.

Following the instructions Here, I created and added the bot trap file to the root of my site. Then I though I'd test it and... No, it didn't work, I got an error (the same error Moci mentions).

Parse error: syntax error, unexpected ‘:’ in

So I corrected that and a few others that followed. Eventually I managed to block myself from getting to my site.

Anyway... If anyone else was thinking of trying this bot trap, here's a fixed version of the bad-bots.php code. Well, it's working perfectly for me on a Linux/Unix server.

Code:

<?php
header("Content-type: text/html; charset=utf-8");
echo '
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>BAD BOTS DENIED</title>
</head>
<body>
<p>OI..! BAD BOTS ARE DENIED - You can\'t come in here..!</p>';
 
// author: seven-3-five, 2006-09-04, seven-3-five.blogspot.com
// Repaired by: MrP 2011-09-23, 
//this script is the meat and potatoes of the bot-trap
// SERVER VARIABLES USED TO IDENTIFY THE OFFENDING BOT
$ip = $_SERVER['REMOTE_ADDR'];
$agent = $_SERVER['HTTP_USER_AGENT'];
//$request = $_SERVER['REQUEST_URI'];
//$referer = $_SERVER['HTTP_REFERER'];
$text = 'deny from ' . $ip . "\n";
$file = '.htaccess';
$good = Array('google',
'yahoo',
'msn',
//'',
);
$bb=0;
foreach ($good AS $gb) {
if (!strstr($agent, strtolower($gb)))
$bb++;
}
if ($bb==sizeof($good)) {
add_badbot($text, $file);
}
// Function add_bad_bot($text, $file_name): appends $text to $file_name
// make sure PHP has permission to write to $file_name
function add_badbot($text, $file_name) {
$handle = fopen($file_name, 'a');
fwrite($handle, $text);
fclose($handle);
}
// Email me when a bot gets trapped 
$subject = 'bad-bots';
$email = 'Your-email @ Your-site.com'; //edit accordingly
$to = $email;
$message ='ip: ' . $ip . "\r\n" .
'user-agent string: ' . $agent . "\r\n" .
'requested url: ' . $request . "\r\n" .
'referer: ' . $referer . "\r\n"; // often is blank
$message = wordwrap($message, 70);
$headers = ‘From\: ‘ . $email . “\r\n” .
‘Reply-To: ‘ . $email . “\r\n” .
‘X-Mailer PHP/’ . phpversion();
mail($to, $subject, $message, $headers);
echo '</body></html>';
?>

I've also included the part that emails you each time a 'Bad Bot' is caught.

[bustour]

This seems like a pretty handy idea, so thank you for posting the fixed code. I might give it a try soon.

Any sense of how many bots you've caught? Are you getting inundated with the emails or are they relatively infrequent?

[grynge]

Any sense of how many bots you've caught? Are you getting inundated with the emails or are they relatively infrequent?

You will start off with quite a few but as time goes on you get less and less, I have a different but similar system for my servers and now only get maybe 1 a week, but mind you the ban list is quite large.

[Clinton]

grynge, doesn't that slow the site down?

[grynge]

grynge, doesn't that slow the site down?

It probably slows them a few milliseconds but that's about it.

I do it on a server base not a website base. The server grabs all incoming request ip's and then parses the list before handing over to the sites. This is only done once per initial ip and then again 24 hours later. Once a user is on a website the script is inactive unless they land on a honeypot, at which time they get added to the list.

[MrP]

Any sense of how many bots you've caught? Are you getting inundated with the emails or are they relatively infrequent?

I only caught one so far since it was activated (13 hrs ago), but the site I'm testing on is Very low ranking. Not sure how that would make a difference to a bot thought.

Here's the first victim:

user-agent string: Mozilla/5.0 (compatible; Baiduspider/2.0;
+http:// www .baidu .com/search/spider.html) ... (anti-backlink gaps included)

doesn't that slow the site down?

I must admit I didn't even that a thought. It doesn't seem to make a difference to me. Maybe KenW3 might know, he said he's using it on a few sites.