Adding support for a proxy-specific RBL that has shown to be extremely effective

git-svn-id: https://develop.svn.wordpress.org/trunk@2199 602fd350-edb4-49c9-b593-d223f7449a82

wp-admin/options-discussion.php

@@ -22,7 +22,7 @@ if ($action == 'retrospam') {
 	<h2><?php _e('Discussion Options') ?></h2> 
 	<form name="form1" method="post" action="options.php"> 
 		<input type="hidden" name="action" value="update" /> 
-		<input type="hidden" name="page_options" value="'default_pingback_flag','default_ping_status','default_comment_status','comments_notify','moderation_notify','comment_moderation','require_name_email','comment_whitelist','comment_max_links','moderation_keys','blacklist_keys'" /> 
+		<input type="hidden" name="page_options" value="'default_pingback_flag','default_ping_status','default_comment_status','comments_notify','moderation_notify','comment_moderation','require_name_email','comment_whitelist','comment_max_links','moderation_keys','blacklist_keys','open_proxy_check'" /> 
 <fieldset class="options">
         <legend><?php _e('Usual settings for an article: <em>(These settings may be overridden for individual articles.)</em>') ?></legend> 
 		<ul> 
@@ -87,7 +87,10 @@ if ($action == 'retrospam') {
     <p><?php _e('This is a list of words that you want completely blacklisted from your blog. Be very careful what you add here, because if a comment matches something here it will be completely nuked and there will be no notification. Remember that partial words can match, so if there is any chance something here might match it would be better to put it in the moderation box above.') ?></p>
 		<p> 
 			<textarea name="blacklist_keys" cols="60" rows="4" id="blacklist_keys" style="width: 98%; font-size: 12px;" class="code"><?php form_option('blacklist_keys'); ?></textarea> 
-		</p> 
+		</p>
+		<p><label for="open_proxy_check"> 
+				<input name="open_proxy_check" type="checkbox" id="open_proxy_check" value="open" <?php checked('1', get_settings('open_proxy_check')); ?> /> 
+            <?php _e('Blacklist comments from open and insecure proxies.)') ?></label></p>
 </fieldset>
 		<p class="submit"> 
     	<input type="submit" name="Submit" value="<?php _e('Update Options') ?>" /> 

wp-admin/upgrade-schema.php

@@ -214,6 +214,7 @@ function populate_options() {
 	add_option('page_uris');
 	add_option('blacklist_keys');
 	add_option('comment_registration', 0);
+	add_option('open_proxy_check', 1);
 
 	// Delete unused options
 	$unusedoptions = array ('blodotgsping_url', 'bodyterminator', 'emailtestonly', 'phoneemail_separator', 'smilies_directory', 'subjectprefix', 'use_bbcode', 'use_blodotgsping', 'use_phoneemail', 'use_quicktags', 'use_weblogsping', 'weblogs_cache_file', 'use_preview', 'use_htmltrans', 'smilies_directory', 'rss_language', 'fileupload_allowedusers', 'use_phoneemail', 'default_post_status', 'default_post_category', 'archive_mode', 'time_difference', 'links_minadminlevel', 'links_use_adminlevels', 'links_rating_type', 'links_rating_char', 'links_rating_ignore_zero', 'links_rating_single_image', 'links_rating_image0', 'links_rating_image1', 'links_rating_image2', 'links_rating_image3', 'links_rating_image4', 'links_rating_image5', 'links_rating_image6', 'links_rating_image7', 'links_rating_image8', 'links_rating_image9', 'weblogs_cacheminutes', 'comment_allowed_tags', 'search_engine_friendly_urls', 'default_geourl_lat', 'default_geourl_lon', 'use_default_geourl');

wp-includes/functions-post.php

@@ -417,6 +417,13 @@ function wp_blacklist_check($author, $email, $url, $comment, $user_ip, $user_age
 		if ( preg_match($pattern, $user_ip   ) ) return true;
 		if ( preg_match($pattern, $user_agent) ) return true;
 	}
+	
+	if ( get_option('open_proxy_check') && isset($_SERVER['REMOTE_ADDR']) ) {
+		$rev_ip = implode( '.', array_reverse( explode( '.', $_SERVER['REMOTE_ADDR'] ) ) );
+		$lookup = $rev_ip . '.opm.blitzed.org';
+		if ( $lookup != gethostbyname( $lookup ) )
+			return true;
+	}
 
 	return false;
 }