Skip to main content

Django middleware for blocking IPs listed in stopforumspam.com

Project description

Tired of comment spam, form spam and dumb crawlers? A django application that provides middleware for blocking IPs listed in stopforumspam.com’s database. It only reacts on POST requests, so don’t worry about a huge table of rules having to be passed at every request. It’s quite painless.

A simple management command is provided for updating the database from stopforumspam.com:

manage.py sfsupdate [–force]

Using this command, all IPs are stored in Django models, and using django-admin, it’s possible to add your own extra IP addresses on a permanent database.

Installation

  1. Install the latest release from pypi:

    sudo pip install stopforumspam

  2. Add this to settings.MIDDLEWARE_CLASSES

    ‘stopforumspam.middleware.StopForumSpamMiddleware’

  3. Then add this to INSTALLED_APPS

    ‘stopforumspam’

  4. And run:

    python manage.py syncdb

  5. To insert all the IPs run this command, which you should make a cronjob (run it every 24h).

    python manage.py sfsupdate

You may remove stopforumspam from your INSTALLED_APPS after, if you do not wish to see it in your admin pages.

Configuration

The following options exist for your project’s settings.py file:

To check ALL POST requests:

SFS_ALL_POST_REQUESTS = True

To ignore some URLS:

SFS_URLS_IGNORE = [“url_name”, “/url/path”]

To only include some URLS (only works if SFS_ALL_POST_REQUEST=False):

SFS_URLS_INCLUDE = [“url_name”, “/url/path”]

If your application is behind a set of proxy, you can use a specific HTTP Header as a source of the client IP:

SFS_HTTP_HEADER = “X-Forwarded-For”

### Synching with stopforumspam.com

Be nice to their servers and remember that they have strict enforcements on the files that they offer. So before you start testing, you could consider using a local file as a test.

To configure where to download the file from (you can MAX download 2 times a day) - see http://www.stopforumspam.com for more resources:

SFS_SOURCE_ZIP = “http://www.stopforumspam.com/downloads/listed_ip_7.zip

But you should really use a local file if you have more than 1 Django project with stopforumspam running from the same IP address. To do this, use a local protocol:

SFS_SOURCE_ZIP = “file:///path/to/listed_ip_7.zip

You can control how often at most the update should be performed

SFS_CACHE_EXPIRE = 1 #day

…and how long back the log should remember the rejection of POSTS and IPs.

SFS_LOG_EXPIRE = 1 #days

Remember to configure this as well – it’s the name of the file inside the .zip file:

SFS_ZIP_FILENAME = “listed_ip_7.txt”

For testing you can force all requests to be checked.

SFS_FORCE_ALL_REQUESTS = True

Cron Jobs

You probably want to automatically update the list of blocked IP addresses every 24 hours or 48 hours. To do that, you can insert a line in crontab.

0 2 * * * python /your/project/path/manage.py sfsupdate

The above would update at 2 AM every night. If you have several projects and sync them with a local file, you can add:

0 2 * * * wget -O /tmp/listed_ip_7.zip http://www.stopforumspam.com/downloads/listed_ip_7.zip ; python /your/project/path/manage.py sfsupdate

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

stopforumspam-1.4.2.tar.gz (6.5 kB view details)

Uploaded Source

File details

Details for the file stopforumspam-1.4.2.tar.gz.

File metadata

File hashes

Hashes for stopforumspam-1.4.2.tar.gz
Algorithm Hash digest
SHA256 ec1f4a16b14bcb26a550ba8df8f5a6a90e3b61db41fff15e129f77cea093b479
MD5 12a7c2932c8ad6e952f01896c3d6f71d
BLAKE2b-256 8102e100a7817e8dc3e867731d1be6bf670a720ef14217ce92e514677c53c452

See more details on using hashes here.

Supported by

AWS AWS Cloud computing and Security Sponsor Datadog Datadog Monitoring Fastly Fastly CDN Google Google Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page