Wrt how, you can check whether a request is coming via Tor with this script https://check.torproject.org/cgi-bin/TorBulkExitList.py
If a bot (or anyone) comes looking for wp-cron.php, why redirect them elsewhere when you can drop their traffic and ban their IP address using fail2ban or similar?
On Sun, 7 Apr 2013 19:52:17 -0400 Barack Obama administrator@bypass-censorship.org wrote:
My website, Bypass-Censorship.org, is getting LOTS of spam traffic from Tor (specifically in the wp-cron.php script).
I obviously don't want to block Tor as it's extremely beneficial for privacy geeks and people from Iran, China, etc, to access my site; however, I do have an alternative solution that I may need help with.
Basically what I want to do is add some PHP code in the beginning of index.php (I use WordPress as my CMS). What the code should do is detect if the client is using Tor, and if the client is, the script redirects to the mobile version of my site (mobile.dudamobile.com/site/bypass-censorship - it is hosted for free on DudaMobile).
I believe this would be beneficial for two reasons:
- Spam attacks and hack attacks are useless since it is not on my
primary host (meaning there is no wp-cron.php). 2. And it will take a huge load off my server (I am well-ranked for the term "hidden wiki" in Google and Ixquick).
Please tell me what you think of this idea, and how I can implement it.
Thanks, -BC