WordPress.org

Ready to get started?Download WordPress

Forums

How to block semalt.com from visiting your WordPress website... (39 posts)

  1. Seath
    Member
    Posted 4 months ago #

    To block semalt.com from visiting your site and making havoc with your statistics add this to the end of your .htaccess file….

    SetEnvIfNoCase Via evil-spam-proxy spammer=yes
    SetEnvIfNoCase Referer evil-spam-domain.com spammer=yes
    SetEnvIfNoCase Referer evil-spam-keyword spammer=yes
    SetEnvIfNoCase Via pinappleproxy spammer=yes
    SetEnvIfNoCase Referer semalt.com spammer=yes
    SetEnvIfNoCase Referer poker spammer=yes
    
    Order allow,deny
    Allow from all
    Deny from env=spammer
  2. Alexanderine
    Member
    Posted 4 months ago #

    hi
    thanks for helping out, i've been dying to find away to block this suspicious web analytic service,

    - my question is > do i add this exactly the way you posted it
    right after
    #End wordpress
    SetEnvIfNoCase Via evil-spam-proxy spammer=yes
    SetEnvIfNoCase Referer evil-spam-domain.com spammer=yes
    SetEnvIfNoCase Referer evil-spam-keyword spammer=yes
    SetEnvIfNoCase Via pinappleproxy spammer=yes
    SetEnvIfNoCase Referer semalt.com spammer=yes
    SetEnvIfNoCase Referer poker spammer=yes

    Order allow,deny
    Allow from all
    Deny from env=spammer
    --------------------------------------------------------
    does this seem right ?

  3. Seath
    Member
    Posted 4 months ago #

    That sounds about right....

    My .htaccess file looks like this....

    # WordPress redirect
    # Enable ETag
    # Expires
    # Headers
    # Compress some text file types
    # Deactivate compression for buggy browsers
    # Custom redirect
    # Block referrer (the code to block semalt)

  4. nomadscarecrow
    Member
    Posted 4 months ago #

    Hi...

    Somebody try here http://semalt.com/project_crawler.php ?

  5. Seath
    Member
    Posted 4 months ago #

    You kidding right???? Why the heck I should ask them to remove my sites? I never asked them to crawl on my sites on first place. Semalt is nothing but bunch of Ukrainian spammers and collectors of information's from sites! They do NOT identify them self as a crawler! No respectable company acts the way they do!

  6. Andrew
    Forum Moderator
    Posted 4 months ago #

    Seath, I'm sure nomadscarecrow was just trying to help.

  7. SLIS
    Member
    Posted 4 months ago #

    Thanks for posting this; I too am getting hit by Semalt.

    Sorry but I get anxious about editing these files and don't want to break my site. I see that I have 2 htacess files; one in my hostgator account, and a longer one which shows up in the 'Edit Files' section of my Yoast SEO plugin.

    Do I need to edit both or just one?

    The Hostgator file ends with <IfModule> and the Yoast file ends with #END WordPress

    I'd like to just submit site to be removed as nomadscarescrow suggests but worry if I do that they'll try something sneaky.

    Thanks

  8. Seath
    Member
    Posted 4 months ago #

    Andrew,
    I am sorry for my outburst, I know that nomadscarecrow was trying to help. I am sure some people prefer his method instead of mine. Personally I would not give them anymore information then they already took from the site.
    I manage few small sites and semalt was hammering those sites down. On one blog they had more then 50% of visits from them! That effected the bounce rate and ranking, that's why I get so upset about them. Again I apologize for my outburst.

    SLIS,
    I never used Yoast SEO plug-in so I am not sure if Yoast .htaccess is read before WordPress .htaccess or is they are used together.
    I would try to add the code in the original .htaccess file from WordPress first and see what happens if that won't stop them then I would remove it and add it to the Yoast .htaccess file. If you are not sure you can always ask the developer of Yoast SEO what .htaccess file you can edit.
    Hope that helps.

  9. mgordon832
    Member
    Posted 3 months ago #

    Thanks you guys for the post. Helped me out a lot.

  10. SLIS
    Member
    Posted 3 months ago #

    Agreed...thanks Seath, that totally fixed the issue!

  11. vegastriguy
    Member
    Posted 3 months ago #

    So, would this be correct?

    # BEGIN WordPress
    <IfModule mod_rewrite.c>
    RewriteEngine On
    RewriteBase /
    RewriteRule ^index\.php$ - [L]
    RewriteCond %{REQUEST_FILENAME} !-f
    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteRule . /index.php [L]
    </IfModule>

    # END WordPress
    SetEnvIfNoCase Via evil-spam-proxy spammer=yes
    SetEnvIfNoCase Referer evil-spam-domain.com spammer=yes
    SetEnvIfNoCase Referer evil-spam-keyword spammer=yes
    SetEnvIfNoCase Via pinappleproxy spammer=yes
    SetEnvIfNoCase Referer semalt.com spammer=yes
    SetEnvIfNoCase Referer poker spammer=yes

    Order allow,deny
    Allow from all
    Deny from env=spammer

  12. Seath
    Member
    Posted 3 months ago #

    Yes.

  13. rak-nyc
    Member
    Posted 3 months ago #

    Seth - just curious - do you know these guys are in the Ukraine? Their site seems to be hosted in the Netherlands.

    Also, who are the other referrers in your code above and why are they there? (pinappleproxy, evil-spam-domain.com, evil-spam-proxy, evil-spam-keyword + poker)

    many thanks,

    Rob

  14. Seath
    Member
    Posted 3 months ago #

    Hey Rob

    I didn't wrote it, this code was written by Tom Raftery you can read it about it here... http://codex.wordpress.org/Combating_Comment_Spam/Denying_Access just scrawl down to Deny Access Referrer Spammers.

    I read long article about them, that was some time ago and I really don't remember where. They did trace them to their original country. Its easy to have server in another country now days.

  15. pealo86
    Member
    Posted 2 months ago #

    Thanks for this. Will this work on a WP Multisite too? I've added it to my .htaccess in the root directory.

    Do you think I'll need to do anything else to get it to work across all of the sub-websites? Hopefully not as there's about 150 of them!

  16. c3x
    Member
    Posted 2 months ago #

    You need just this, if you just want to block semalt.com:

    SetEnvIfNoCase Referer semalt.com spammer=yes

    Order allow,deny
    Allow from all
    Deny from env=spammer

    The other entries are just samples, who to add referer spam domains or key words.

    And yes, works also for every type of website. Just activate Rewrite Engine - if you don't know how, read the manual or ask your host.

  17. steverit
    Member
    Posted 1 month ago #

    I have also been hit by the semalt spam. Can you please tell me where I find the .htaccess file? Do I find it if I go to "edit" in wordpress?
    Sorry, I am new to adding code etc. I have the fifteen plus theme. Thanks

  18. It's not in WordPress, it's a file on your server. You'll need to use a tool like Cyberduck to access it.

    Check with your host to see their directions on using FTP

  19. Jentan Bernardus
    Member
    Posted 1 month ago #

    Additionaly, you could also try their removal tool. Hope it helps.

  20. MRomine
    Member
    Posted 1 month ago #

    More info here: http://logorrhoea.net/2014/01/how-to-block-semalt-com-referrer-traffic-using-htaccess/ Seems like this is a problem everywhere!

  21. nmmartin928
    Member
    Posted 3 weeks ago #

    Hello,
    I have this same problem with semalt.com and would like to block them. I have very little knowledge of how to edit code, however. Is there an easy way I can do this without jeopardizing my site if I make an error? I've already crashed my site a few times when I've tried to edit things myself, so I've been relying on plugins.

    Thanks so much for any help and please excuse my lack of coding knowledge.

  22. esmi
    Forum Moderator
    Posted 3 weeks ago #

    You will need to know how to edit your site's .htaccess file. I'm afraid there is no easier way.

  23. MRomine
    Member
    Posted 3 weeks ago #

    nmmartin928,

    You can try this route, I know several people have said that it has worked with no repercussions. I just added my web address yesterday to see if they will honor my request: http://semalt.com/project_crawler.php

  24. nmmartin928
    Member
    Posted 3 weeks ago #

    I did just go to that website and filled the form out to remove my website. Has anyone tried this? Does it work? What do they mean by not counting each subdomain?

    I hope this fixes the problem and I never see their name in my stats again.

  25. nmmartin928
    Member
    Posted 3 weeks ago #

    Thanks for the responses!

  26. MRomine
    Member
    Posted 3 weeks ago #

    I hope it works for you.

  27. friedVol
    Member
    Posted 2 weeks ago #

    Will Seath's lines also work as is for semalt.semalt.com or do I need to add a SetEnvIfNoCase Referer semalt.semalt.com spammer=yes? line to my .htaccess file?

    My site stats reported a referrer from semalt.semalt.com/crawler.php at the exact same moment that my security log showed a failed login attempt.

  28. tammielouwho
    Member
    Posted 2 weeks ago #

    Hi there,, I have a wordpress site hosted on godaddy, with Semalt, not only are they messing with my stats, but they have been trying to login using my wp-admin. I have a plugin which locks them out after three unsuccessful attempts. This has happened a few times now, I have reported their ip, but it is still happening. I called godaddy to see what they had available to help. 1. solution is to add ssl, ( which is a paid product and I only enact when I create a commerce site) or.. or get google recaptcha and have it on my login page so a crawler cannot even attempt to login, nor any other kinda bot.. Yeah!! added and now we will see, just wanted to let peeps know there are tools that can help. ♥

  29. friedVol
    Member
    Posted 1 week ago #

    Re my Q about blocking semalt.semalt.com from visiting our sites, I added Seath's semalt.com line as is to my .htaccess file. It's been four days, and semalt.semalt.com no longer visits my site. It used to visit once or twice a day.

    I'm interested in hearing how the Google Captcha (recaptcha) plugin works for this problem. More referers pop up every day; I'd rather not have to update this spammer list in my .htaccess weekly.

    I added SSL to my sites, not for commerce, but to protect login info. It's my understanding that the logins to our WorPress sites are unencrypted unless we, individually, do something to encrypt them. Should some miscreant decide to eavesdrop or sniff unencrypted data, our logins would be there for the taking, especially if we login in a public wifi hotspot.

  30. secretfocus
    Member
    Posted 1 week ago #

    nmmartin928 and MRomine

    Did using the removal tool work OK for you with no problems?

Reply »

You must log in to post.

About this Topic