I have finally finished the
Ratrap (that is Rat•trap) and it has official been released. The script is designed to "trap" malicious robots and feed them with a infinite set of random links to itself. The script generates a page of random words, links and e-mail addresses. The idea of the ratrap is to identify the bad robots (like e-mail harvesters) and prevent them from further access to the site. Good robots (like regular search engines) follow the rules of "robots.txt". Bad bots don't. Good robots are told not to access the ratrap. Hidden links are placed on the site to the ratrap as bate. And once a bad robot entries the ratrap, it finds plenty of reasons to stay (i.e. lots of links and e-mail addresses). The last item on the to-do list was adding tracking off IP addresses that wondered the trap and ban them if after they had access the script a number of times. Today, I finished that part.
The banning portion of the Ratrap really consists of two parts. The first part is keeping a database of "offenders". I didn't want to require a full database like MySQL as that was over kill. And a CSV file would just be messy. So I decided this was a good project to try
SQLite. SQLite is a standard fetcher in PHP 5, so no issue there. It turns out SQLite was a great solution for the tracking side of this project. The second part of the IP banning was the system call to ban an offending IP. The program "iptables" can do this quite easily. But adding filters requires root access. So for PHP to call this program, I needed to setup "sudo" to grant permission to the web server user. Once that was working, I banned myself several times from a couple different locations to get the script working. I am so glad for
SDF, along with my shell account on Zen's machine-- really helps testing.
Now that the script is complete, I've released it along with it's own website:
ratrap.DrQue.net. The web site layout looks much like most of my layouts, except I tried something I learned from WordPress. I set the site up in such a way that it is will quite usable even if you disable the styles. All XHTML strict and CSS compliant. Since it's my first draft, I'm sure I'll be doing modifications in the future so people can actually understand it, but for now, I'll have to stick with an advanced "I'm sorry".
Pictured is my key chain. The hardcore geeks among us will recognize the 30-pin SIMM. It's missing 3 chips (I just lost the 3rd chip). Solder clearly isn't glue.