Drupal and mod_rewrite

Drupal's use of .htaccess and mod_rewrite to create "search-engine friendly" urls prompted me to play around a bit with a few simple rewrite rules myself.

Since this site ran for about 5 years on MovableType, which is a huge target for comment spammers, I get hundreds of spam attempts a day that attempt to exploit a script that I no longer need. Sure I could just ignore them, as their spam attempts are ineffective since I don't allow comments to the old pages, but redirecting spammers back to their own machine is more fun:

RewriteCond %{REQUEST_URI} ".*/mt-comments.cgi" [NC]
RewriteRule (.*)$1 [L,R=301]

And since most of the spamming scripts I've seen are not smart enough to spoof the referer when they POST their spam comments, the following rule is pretty effective (though also easy to get around):

# Try to prevent comment spam. Attempts to post comments are 403 if they
# aren't coming from within site. This will prevent clients that don't send
# referrer from posting comments, but I'm not aware of any modern browser that
# does not send a referrer
RewriteCond %{HTTP_REFERER} "!^http://(www.)?slaughters.com/.*$" [NC]
RewriteCond %{THE_REQUEST} "POST /comment/reply/.*"
RewriteRule .* - [L,F]

Yes, scripts can easily get around this by spoofing the referer, but as of now, this is a very effective means of shutting down spammers without having to discourage legit comments by requiring user registration or using captcha.