Using django’s common middleware against spam
August 19th, 2009
No comments
Django’s common middleware is active on most Django sites, and has very nice function to block request based on their user agents. By default this will be empty and not doing much, until a offender comes a long and we add it on after thought, wouldn’t be nice to have a default list that blocks known offenders from the start.
Bad Behaviour a anti-spam script in php has a nice blacklist and has proven his capabilities more then once on this site and others, so let’s get that list into Django.
The following code should be in your settings.py file:
import re regex_list = ( '; Widows ', 'a href=', 'Bad Behavior Test', 'compatible ; MSIE', 'compatible-', 'DTS Agent', 'Email Extractor', 'Gecko/25', 'grub-client', 'hanzoweb', 'Indy Library', 'larbin@unspecified', 'Murzillo compatible', '\\.NET CLR 1\\)', 'POE-Component-Client', 'Turing Machine', 'User-agent: ', 'WebaltBot', 'WISEbot', 'WISEnutbot', 'Windows NT 4\\.0;\\)', 'Windows NT 5\\.0;\\)', 'Windows NT 5\\.1;\\)', 'Windows XP 5', 'WordPress/4\\.01', '^ As you can see, we compile a long regular expression rather then creating 60+ entries in the DISALLOWED_USER_AGENTS, this way you can add your own regular expressions and comment, instead of adding it to the already large list. Hope this will help some other Djangonauts.