I hate getting referrer spam. While I know that referrer spam is a fact of life for anybody hosting a website, I hate seeing my logs filled with crap. Being proactive about this log-jacking is hard, but I like doing something about it anyway.
IPTables
The great firewall against China
Just as I finished writing about a new age of comment and trackback openness I checked my IPTables logs and am greeted by a nice surprise from an IP address from ChinaNet. My system received about a thousand connection attempts to ports between 1024 and 2048. Mind you, these are ports no external system has any business accessing. Nevermind that nobody in China is authorized to access my system.
Since ChinaNet seems to be more amenable to allowing anyone to use their network for mischief I don't see why they deserve access to my site.
Here are the relevant IPTables directives:
# CHINANET #
-A INPUT -m iprange --src-range 218.13.0.0-218.18.255.255 -i eth0 -p tcp -m tcp -j DROP
-A INPUT -m iprange --src-range 220.181.0.0-220.181.255.255 -i eth0 -p tcp -m tcp -j DROP
snap.com has been very very bad
Snapbot/1.0 keeps hitting my site several times a day, for no good reason. Everytime it hits me it hits robots.txt twice. I might be a bit hypersensitive, but having my site crawled over and over, only for the latest screendump of my site is lame. To make it better, when searching for steamedpenguin on snap.com you get an old screengrab. snap.com = lame.
Since their bot sucks as much as snap.com does I added the IP range 38.98.19.0-38.98.19.255 to my drop list. I love IPTables!
