Killing spambots & other known malicious hosts

I've found the best way to reduce the amount of faux-users appearing in your userlist (like poker, with a url pointing to poker.com or whatever) is to block them from your entire site - not just with phpbb but everywhere.  This is easily done with .htaccess.

Place the following in your .htaccess file (assuming you have mod_rewrite turned on in apache).  This will prevent known spammers (such that are infecting your memberlist) from accessing your site. 

Options +FollowSymlinks RewriteEngine On deny from 84.174.72.102 deny from 217.185.183.70 deny from 205.234.145.222 RewriteCond %{HTTP_REFERER} ^http://(www\.)?.*(-|.)?adult(-|.).*$ [OR] RewriteCond %{HTTP_REFERER} ^http://(www\.)?.*(-|.)?anal(-|.).*$ [OR] RewriteCond %{HTTP_REFERER} ^http://(www\.)?.*(-|.)?blow.?job(-|.).*$ [OR] RewriteCond %{HTTP_REFERER} ^http://(www\.)?.*(-|.)?gay(-|.).*$ [OR] RewriteCond %{HTTP_REFERER} ^http://(www\.)?.*(-|.)?cum+shot(-|.).*$ [OR] RewriteCond %{HTTP_REFERER} ^http://(www\.)?.*(-|.)?casino(-|.).*$ [OR] RewriteCond %{HTTP_REFERER} ^http://(www\.)?.*(-|.)?incest(-|.).*$ [OR] RewriteCond %{HTTP_REFERER} ^http://(www\.)?.*(-|.)?mature(-|.).*$ [OR] RewriteCond %{HTTP_REFERER} ^http://(www\.)?.*(-|.)?nude(-|.).*$ [OR] RewriteCond %{HTTP_REFERER} ^http://(www\.)?.*(-|.)?piss(-|.).*$ [OR] RewriteCond %{HTTP_REFERER} ^http://(www\.)?.*(-|.)?porn(-|.).*$ [OR] RewriteCond %{HTTP_REFERER} ^http://(www\.)?.*(-|.)?pus*y(-|.).*$ [OR] RewriteCond %{HTTP_REFERER} ^http://(www\.)?.*(-|.)?sex(-|.).*$ [OR] RewriteCond %{HTTP_REFERER} ^http://(www\.)?.*(-|.)?teen(-|.).*$ [OR] RewriteCond %{HTTP_REFERER} ^http://(www\.)?.*(-|.)?tits(-|.).*$ [OR] RewriteCond %{HTTP_REFERER} ^http://(www\.)?.*(-|.)?titten(-|.).*$ [OR] RewriteCond %{HTTP_REFERER} ^http://(www\.)?.*(-|.)?wichsab(-|.).*$ [OR] RewriteCond %{HTTP_REFERER} ^http://(www\.)?.*(-|.)?wichslos(-|.).*$ [OR] RewriteCond %{HTTP_REFERER} ^http://(www\.)?.*accepted.cc$ [OR] RewriteCond %{HTTP_REFERER} ^http://(www\.)?.*episodesusdbz/.*$ [OR] RewriteCond %{HTTP_REFERER} ^http://(www\.)?advancedmoneyloans.*$ [OR] RewriteCond %{HTTP_REFERER} ^http://(www\.)?affiliplanet.*$ [OR] RewriteCond %{HTTP_REFERER} ^http://(www\.)?apart-?design.*$ [OR] RewriteCond %{HTTP_REFERER} ^http://(www\.)?auktion.*$ [OR] RewriteCond %{HTTP_REFERER} ^http://(www\.)?autogewinne24.*$ [OR] RewriteCond %{HTTP_REFERER} ^http://(www\.)?autospiele24.*$ [OR] RewriteCond %{HTTP_REFERER} ^http://(www\.)?babay.*$ [OR] RewriteCond %{HTTP_REFERER} ^http://(www\.)?euromillionen.*$ [OR] RewriteCond %{HTTP_REFERER} ^http://(www\.)?eurowins.*$ [OR] RewriteCond %{HTTP_REFERER} ^http://(www\.)?geldspiele24.*$ [OR] RewriteCond %{HTTP_REFERER} ^http://(www\.)?goovle.*$ [OR] RewriteCond %{HTTP_REFERER} ^http://(www\.)?gsm-support.*$ [OR] RewriteCond %{HTTP_REFERER} ^http://(www\.)?gzltax.*$ [OR] RewriteCond %{HTTP_REFERER} ^http://(www\.)?heil-fasten.*$ [OR] RewriteCond %{HTTP_REFERER} ^http://(www\.)?immobiliengewinne24.*$ [OR] RewriteCond %{HTTP_REFERER} ^http://(www\.)?internetsupervision.*$ [OR] RewriteCond %{HTTP_REFERER} ^http://(www\.)?keywordmaster.*$ [OR] RewriteCond %{HTTP_REFERER} ^http://(www\.)?nackt-stars-nackt.*$ [OR] RewriteCond %{HTTP_REFERER} ^http://(www\.)?net-search.*$ [OR] RewriteCond %{HTTP_REFERER} ^http://(www\.)?one2onemag.*$ [OR] RewriteCond %{HTTP_REFERER} ^http://(www\.)?qw8.*$ [OR] RewriteCond %{HTTP_REFERER} ^http://(www\.)?referrer-script.*$ [OR] RewriteCond %{HTTP_REFERER} ^http://(www\.)?ranking-hits.*$ [OR] RewriteCond %{HTTP_REFERER} ^http://(www\.)?reisegewinne24.*$ [OR] RewriteCond %{HTTP_REFERER} ^http://(www\.)?rootfood.*$ [OR] RewriteCond %{HTTP_REFERER} ^http://(www\.)?shemale.*$ [OR] RewriteCond %{HTTP_REFERER} ^http://(www\.)?single66.*$ [OR] RewriteCond %{HTTP_REFERER} ^http://(www\.)?slamhost.*$ [OR] RewriteCond %{HTTP_REFERER} ^http://(www\.)?spielepsychatrie.*$ [OR] RewriteCond %{HTTP_REFERER} ^http://(www\.)?superface.*$ [OR] RewriteCond %{HTTP_REFERER} ^http://(www\.)?texasholdem.*$ [OR] RewriteCond %{HTTP_REFERER} ^http://(www\.)?topgewinn24.*$ [OR] RewriteCond %{HTTP_REFERER} ^http://(www\.)?topspiele24.*$ [OR] RewriteCond %{HTTP_REFERER} ^http://(www\.)?transexual.*$ [OR] RewriteCond %{HTTP_REFERER} ^http://(www\.)?usa-wins.*$ [OR] RewriteCond %{HTTP_REFERER} ^http://(www\.)?vendini.*$ [OR] RewriteCond %{HTTP_REFERER} ^http://(www\.)?webmasterplan.*$ [OR] RewriteCond %{HTTP_REFERER} ^http://(www\.)?wichsfick.*$ [OR] RewriteCond %{HTTP_REFERER} ^http://(www\.)?wseeker.*$ [OR] RewriteCond %{HTTP_REFERER} ^http://(www\.)?yachtdurak.*$ [OR] RewriteCond %{HTTP_REFERER} ^http://(www\.)?xmaster.*$ [OR] RewriteCond %{HTTP_REFERER} ^http://www14\.blogspot.*$ [OR] RewriteCond %{HTTP_REFERER} ^http://(www\.)?yahh+oo.*$ RewriteRule .* - [F,L] RewriteCond %{HTTP_USER_AGENT} ^BlackWidow [OR] RewriteCond %{HTTP_USER_AGENT} ^Bot\ mailto:craftbot@yahoo.com [OR] RewriteCond %{HTTP_USER_AGENT} ^ChinaClaw [OR] RewriteCond %{HTTP_USER_AGENT} ^Custo [OR] RewriteCond %{HTTP_USER_AGENT} ^DISCo [OR] RewriteCond %{HTTP_USER_AGENT} ^Download\ Demon [OR] RewriteCond %{HTTP_USER_AGENT} ^eCatch [OR] RewriteCond %{HTTP_USER_AGENT} ^EirGrabber [OR] RewriteCond %{HTTP_USER_AGENT} ^EmailSiphon [OR] RewriteCond %{HTTP_USER_AGENT} ^EmailWolf [OR] RewriteCond %{HTTP_USER_AGENT} ^Express\ WebPictures [OR] RewriteCond %{HTTP_USER_AGENT} ^ExtractorPro [OR] RewriteCond %{HTTP_USER_AGENT} ^EyeNetIE [OR] RewriteCond %{HTTP_USER_AGENT} ^FlashGet [OR] RewriteCond %{HTTP_USER_AGENT} FrontPage [NC,OR] RewriteCond %{HTTP_USER_AGENT} ^GetRight [OR] RewriteCond %{HTTP_USER_AGENT} ^GetWeb! [OR] RewriteCond %{HTTP_USER_AGENT} ^Go!Zilla [OR] RewriteCond %{HTTP_USER_AGENT} ^Go-Ahead-Got-It [OR] RewriteCond %{HTTP_USER_AGENT} ^GrabNet [OR] RewriteCond %{HTTP_USER_AGENT} ^Grafula [OR] RewriteCond %{HTTP_USER_AGENT} ^HMView [OR] RewriteCond %{HTTP_USER_AGENT} HTTrack [NC,OR] RewriteCond %{HTTP_USER_AGENT} ^Image\ Stripper [OR] RewriteCond %{HTTP_USER_AGENT} ^Image\ Sucker [OR] RewriteCond %{HTTP_USER_AGENT} Indy\ Library [NC,OR] RewriteCond %{HTTP_USER_AGENT} ^InterGET [OR] RewriteCond %{HTTP_USER_AGENT} ^Internet\ Ninja [OR] RewriteCond %{HTTP_USER_AGENT} ^Irvine [OR] RewriteCond %{HTTP_USER_AGENT} ^JetCar [OR] RewriteCond %{HTTP_USER_AGENT} ^JOC\ Web\ Spider [OR] RewriteCond %{HTTP_USER_AGENT} ^larbin [OR] RewriteCond %{HTTP_USER_AGENT} ^LeechFTP [OR] RewriteCond %{HTTP_USER_AGENT} ^Mass\ Downloader [OR] RewriteCond %{HTTP_USER_AGENT} ^MIDown\ tool [OR] RewriteCond %{HTTP_USER_AGENT} ^Mister\ PiX [OR] RewriteCond %{HTTP_USER_AGENT} ^Navroad [OR] RewriteCond %{HTTP_USER_AGENT} ^NearSite [OR] RewriteCond %{HTTP_USER_AGENT} ^NetAnts [OR] RewriteCond %{HTTP_USER_AGENT} ^NetSpider [OR] RewriteCond %{HTTP_USER_AGENT} ^Net\ Vampire [OR] RewriteCond %{HTTP_USER_AGENT} ^NetZIP [OR] RewriteCond %{HTTP_USER_AGENT} ^Octopus [OR] RewriteCond %{HTTP_USER_AGENT} ^Offline\ Explorer [OR] RewriteCond %{HTTP_USER_AGENT} ^Offline\ Navigator [OR] RewriteCond %{HTTP_USER_AGENT} ^PageGrabber [OR] RewriteCond %{HTTP_USER_AGENT} ^Papa\ Foto [OR] RewriteCond %{HTTP_USER_AGENT} ^pavuk [OR] RewriteCond %{HTTP_USER_AGENT} ^pcBrowser [OR] RewriteCond %{HTTP_USER_AGENT} ^RealDownload [OR] RewriteCond %{HTTP_USER_AGENT} ^ReGet [OR] RewriteCond %{HTTP_USER_AGENT} ^SiteSnagger [OR] RewriteCond %{HTTP_USER_AGENT} ^SmartDownload [OR] RewriteCond %{HTTP_USER_AGENT} ^SuperBot [OR] RewriteCond %{HTTP_USER_AGENT} ^SuperHTTP [OR] RewriteCond %{HTTP_USER_AGENT} ^Surfbot [OR] RewriteCond %{HTTP_USER_AGENT} ^tAkeOut [OR] RewriteCond %{HTTP_USER_AGENT} ^Teleport\ Pro [OR] RewriteCond %{HTTP_USER_AGENT} ^VoidEYE [OR] RewriteCond %{HTTP_USER_AGENT} ^Web\ Image\ Collector [OR] RewriteCond %{HTTP_USER_AGENT} ^Web\ Sucker [OR] RewriteCond %{HTTP_USER_AGENT} ^WebAuto [OR] RewriteCond %{HTTP_USER_AGENT} ^WebCopier [OR] RewriteCond %{HTTP_USER_AGENT} ^WebFetch [OR] RewriteCond %{HTTP_USER_AGENT} ^WebGo\ IS [OR] RewriteCond %{HTTP_USER_AGENT} ^WebLeacher [OR] RewriteCond %{HTTP_USER_AGENT} ^WebReaper [OR] RewriteCond %{HTTP_USER_AGENT} ^WebSauger [OR] RewriteCond %{HTTP_USER_AGENT} ^Website\ eXtractor [OR] RewriteCond %{HTTP_USER_AGENT} ^Website\ Quester [OR] RewriteCond %{HTTP_USER_AGENT} ^WebStripper [OR] RewriteCond %{HTTP_USER_AGENT} ^WebWhacker [OR] RewriteCond %{HTTP_USER_AGENT} ^WebZIP [OR] RewriteCond %{HTTP_USER_AGENT} ^Wget [OR] RewriteCond %{HTTP_USER_AGENT} ^Widow [OR] RewriteCond %{HTTP_USER_AGENT} ^WWWOFFLE [OR] RewriteCond %{HTTP_USER_AGENT} ^Xaldon\ WebSpider [OR] RewriteCond %{HTTP_USER_AGENT} ^Zeus RewriteRule ^.*$ http://127.0.0.1/ [R,L] # prevent access from santy webworm a-e RewriteCond %{QUERY_STRING} ^(.*)highlight=\%2527 [OR] RewriteCond %{QUERY_STRING} ^(.*)rush=\%65\%63\%68 [OR] RewriteCond %{QUERY_STRING} ^(.*)rush=echo [OR] RewriteCond %{QUERY_STRING} ^(.*)wget\%20 RewriteRule ^.*$ http://127.0.0.1/ [R,L] # prevent pre php 4.3.10 bug RewriteCond %{HTTP_COOKIE}% s:(.*):\%22test1\%22\%3b RewriteRule ^.*$ http://127.0.0.1/ [R,L] # prevent perl user agent (most often used by santy) RewriteCond %{HTTP_USER_AGENT} ^lwp.* [NC] RewriteRule ^.*$ http://127.0.0.1/ [R,L] # kill image thiefs RewriteCond %{HTTP_REFERER} !^http://(www\.)?mysite\.com [NC] RewriteCond %{HTTP_REFERER} !^http://(www\.)?mysite\.com/ [NC] RewriteCond %{HTTP_REFERER} !^$ RewriteRule \.(jpe?g|gif|bmp|png)$ - [F] DirectoryIndex index.htm index.html index.php index.phtml index.php3 AddType application/x-httpd-php .php .php3 .phtml .html .css # ErrorDocument 404 /error.phtml ErrorDocument 403 " # SetEnvIf Referer "^http://www.example.com/" local_referal # # Allow browsers that do not send Referer info # SetEnvIf Referer "^$" local_referal # <Directory /web/images> # Order Deny,Allow # Deny from all # Allow from env=local_referal # </Directory>