README.md

@@ -6,8 +6,10 @@ stopforumspam API](https://www.stopforumspam.com/usage) and
 To deploy:
 
 * modify the configuration variables in the scripts
-* copy the scripts to `/usr/local/bin`
+* copy the scripts to /usr/local/bin
-* register `q2a_usercheck.sh` as a systemd unit or rc script
+* add a line like `0 0 * * * /usr/local/bin/q2a_usercheck.sh` to root's
+  crontab. Alternatively, you can add `q2a_usercheck.sh` to /etc/cron.daily/
+  if it exists (for example, on debian).
 
 TODO:
 * add support for pf

forumspam.sh

@@ -10,23 +10,18 @@ curl 'http://api.stopforumspam.org/api?ip='$ip 2>/dev/null > $repl
 
 if ! grep -q '<response success="true">' $repl; then
 	echo error failed to query stopforumspam api >> $logf
-	rm $repl
 	exit 1
 fi
 if ! grep -q '<appears>yes</appears>' $repl; then
-	rm $repl
 	exit 0
 fi
 freq=`grep '<frequency>' $repl | sed 's/<frequency>//; s!</frequency>!!'`
 if [ "$freq" -ge 1 ]; then
 	if ufw deny from $ip >/dev/null; then
 		echo `date` blocked ip $ip with freq $freq >> $logf
-		rm $repl
 		exit 0
 	else
 		echo error failed to add ufw rule >> $logf
-		rm $repl
 		exit 2
 	fi
 fi
-rm $repl

q2a_usercheck.sh

@@ -1,16 +1,19 @@
 #!/bin/sh
 
-logf='/var/log/nginx/access.log'
+mysql_user='q2a_user'
-cache='/tmp/forumspam_cache'
+mysql_pass='q2a_pass'
+mysql_db='q2a_db'
 
-install -m 600 /dev/null $cache
+tmpf=`mktemp`
+yesterday=`date -d yesterday '+%Y-%m-%d %H:%M:%S'`
 
-tail -F $logf | while read line ; do
+mysql -u $mysql_user "--password=$mysql_pass" $mysql_db -e \
-	case $line in (*"POST"*)
+	"SELECT INET_NTOA(CONV(HEX(createip),16,10))
-		ip=`echo $line | awk '{print $1}'`
+	FROM qa_users WHERE created >= '$yesterday';
-		if ! grep -q $ip $cache; then
+	" | sed '1d' | sort | uniq > $tmpf
-			echo $ip >> $cache
+
-			/usr/local/bin/forumspam.sh "$ip"
+while read ip ; do
-		fi
+	/usr/local/bin/forumspam.sh "$ip"
-	esac
+done < $tmpf
-done
+
+rm $tmpf