In the last few months I have made a few posts about fighting spammers and scrapers with custom Mod Security rules, and in those posts I always add the warning: Watch your logs closely so that you don’t inadvertently block real humans.  So this raises the question: What do you check your logs for?

How to check an IP address

These are some of the things that I look at when determining if an IP address belongs to a spammer, a scraper, or a real human being.  There is no 100% hard and fast rule or way to know for sure how legitimate every IP address is, but after you’ve done this for a while, you start to get pretty accurate.The first thing to do is get the IP address that you’re dealing with.  If you’re using WordPress the UserOnline plugin will display the IP address of recent visitors.  If you use Drupal there are also a few Modules but I usually just look for errors in the logs that scrapers and spammers often generate.  Of course the best way is to look into your raw web-server logs.

Once I get a Continue reading →