BuddyPress anti-spam techniques – .htaccess techniques

Some basic BuddyPress anti-spam techniques can be effected from your .htaccess file (or, better, directly in your Apache config file/s). The following is a great start:

<IfModule mod_rewrite.c>
    RewriteCond %{REQUEST_METHOD} POST
    RewriteCond %{REQUEST_URI} /register*
    RewriteCond %{HTTP_REFERER} !111.222.333.444[OR]
    RewriteCond %{HTTP_USER_AGENT} ^$ [OR]
    RewriteCond %{HTTP_USER_AGENT} ^(curl) [OR]
    RewriteCond %{SERVER_PROTOCOL} ^(HTTP/1.0)
    RewriteRule (.*) /spam-prevention [R=301,L]
</IfModule>

The above implies that your registration page slug is “register” and that you have a page with the slug “spam-prevention”, which should just be a page telling the user they did something spammer-like. Obviously, “111.222.333.444” should be replaced with your site’s IP address…

Basically, it requires the following (if your registration page is POSTed to):

  • the HTTP referrer must be your site’s IP address
  • the user-agent string must not be blank
  • the user-agent string must not be “curl”
  • the protocol must not be HTTP/1.0