Rather than solely fighting off spam with CAPTCHAs and spam comment checkers – is

Question

0

Asked: May 18, 20262026-05-18T09:19:27+00:00 2026-05-18T09:19:27+00:00

Rather than solely fighting off spam with CAPTCHAs and spam comment checkers – is

0

Rather than solely fighting off spam with CAPTCHAs and spam comment checkers – is it a good idea to check each request against a DNSBL and block the user if they are using a bad IP?

$blacklists = array('web.sorbs.net', 'opm.tornevall.org');
$parts  = explode('.', $_SERVER['REMOTE_ADDR']);
$ip  = implode('.', array_reverse($parts)) . '.';
foreach($blacklists as $bl)
{
    $check = $ip . $bl;
    if ($check != gethostbyname($check))
    {
        error_log('PHP Security: [DNSBL] - ' . $_SERVER['REMOTE_ADDR'] . ' - ' . $bl);
        die('Put a detailed error here so the client knows why they have been blocked');
    }
}

It seems like the only problems would be over-zealous IP blocking of good users by the DNSBL or the large cost of making a DNS lookup each request.

Report

Leave an answer
Cancel reply

You must login to add an answer.

Need An Account,

1 Answer

Editorial Team · Answer 1 · 2026-05-18T09:19:27+00:00

Editorial Team

2026-05-18T09:19:27+00:00Added an answer on May 18, 2026 at 9:19 am

This might help, but you will have to take two things into consideration: False Positives and False Negatives.

DNSBLs tend to have quite a few of both. False Positives that hit innocent users, and False Negatives that will miss good chunks of botnets. The best solution I have found for dealing with spam online is to use CAPTCHAs.

0

Reply
Share
Share

- Report

Sign Up

Sign In

Forgot Password

The Archive Base Latest Questions

Rather than solely fighting off spam with CAPTCHAs and spam comment checkers – is

Leave an answerCancel reply

1 Answer

Leave an answer
Cancel reply