Blacklist Functionality with YOURLS
Problem:
YOURLS is a great, open-source URL shortener (see bra.hm), but the version
1.4 release that I was using lacked a site blacklist. When I logged into the administrative interface one day, over 5,000 junk URLs had been created
by a single domain.
Because YOURLS is open source, I whipped up a quick-and-dirty blacklisting solution to prevent future URL spamming.
Important Notes
- This modification is for release 1.4 - if you upgrade later, things may break.
- Make this modification at your own risk!
- For simplicity, domains are blocked by strings appearing in the URL to be shortened. If you blacklist example.com,
http://www.google.ca/search?&q=example.com will be an invalid url. Inconveniences can be minimized by adding the forward slash ('/')
character to the end of the blacklisted site array.
Modify includes/config.php
Add the following to the bottom of config.php, and add or change any domains that are giving you trouble:
//Blacklisted keywords array. Things that the URL CANNOT contain - used to censor spamming of crappy domains.
$yourls_blacklisted_URL = array(
'webjam.com/', 'brandrepublic.com/', 'toxiefans.com/', 'wackwall.com/'
);5
Modify includes/functions.php
Add the following function anywhere inside functions.php (anywhere except nested inside another function!):
//BN - Feb 21, 2010
//Check to see if we've blacklisted a keyword in the URL that the user has submitted (prevent webjam.com spam, for example)
function url_is_on_blacklist($url) {
global $yourls_blacklisted_URL;
//Make sure that the blacklisted terms ($needle) aren't in the haystack.
foreach ($yourls_blacklisted_URL as $needle) {
if ( strpos($url, $needle)>0 ) {
return $needle;
}
}
return;
}
//END CUSTOM CONTENT
Make the following modication to the function yourls_add_new_link. The NEW code (that you should add) is
red, the rest is shown for reference.
// Add a new link in the DB, either with custom keyword, or find one
function yourls_add_new_link( $url, $keyword = '' ) {
global $ydb;
//BN Feb 21, 2010 - I am adding a function here which can blacklist URLS
$blacklist_check = url_is_on_blacklist($url);
if ( strlen($blacklist_check)>0 ) {
exit('BOY HOWDY! You\'ve tried to use a blacklisted URL: '.$blacklist_check.' and therefore,
you belong in a garbage can. If you think this is an error, please email the site administrator.
Otherwise, go abuse another URL shortener.');
}
//END CUSTOM CONTENT
if ( !$url || $url == 'http://' || $url == 'https://' ) {
$return['status'] = 'fail';
That's it! It might not be pretty, but if your YOURLS setup is consistently getting hammered with spam from the same domains, this
is a nice simple fix. If you have any comments or feedback, please shoot me an email.
Update: the folks at Mr. Tech have put together some additional
awesome hacks for YOURLS, including a spam throttler! Although I would suggest that modifying the
yourls_add_new_link in includes/functions.php function instead of adding functions on both the API and index pages.
Last Modified March 3, 2010
|