Using django’s common middleware against spam

Michiel Bijland — Wed, 19 Aug 2009 15:44:26 +0000

Django’s common middleware is active on most Django sites, and has very nice function to block request based on their user agents. By default this will be empty and not doing much, until a offender comes a long and we add it on after thought, wouldn’t be nice to have a default list that blocks known offenders from the start.
Bad Behaviour a anti-spam script in php has a nice blacklist and has proven his capabilities more then once on this site and others, so let’s get that list into Django.

The following code should be in your settings.py file:

import re
 
regex_list = (
    '; Widows ',
    'a href=',
    'Bad Behavior Test',
    'compatible ; MSIE',
    'compatible-',
    'DTS Agent',
    'Email Extractor',
    'Gecko/25',
    'grub-client',
    'hanzoweb',
    'Indy Library',
    'larbin@unspecified',
    'Murzillo compatible',
    '\\.NET CLR 1\\)',
    'POE-Component-Client',
    'Turing Machine',
    'User-agent: ',
    'WebaltBot',
    'WISEbot',
    'WISEnutbot',
    'Windows NT 4\\.0;\\)',
    'Windows NT 5\\.0;\\)',
    'Windows NT 5\\.1;\\)',
    'Windows XP 5',
    'WordPress/4\\.01',
    '^
 
As you can see, we compile a long regular expression rather then creating 60+ entries in the DISALLOWED_USER_AGENTS, this way you can add your own regular expressions and comment, instead of adding it to the already large list.
 
Hope this will help some other Djangonauts.

Michiel Bijland » Django

Using django’s common middleware against spam