Support » Fixing WordPress » Comment / referrer spam

  • I’ve got an unsual problem that doesn’t seem to fit anything else I can find online, so I’m hoping someone has an idea how to fix it. It may be more than a WordPress question, but I thought I’d start here.

    There’s a spam bot that is consistently trying to add a comment on my site. The bot seems to spoof a random IP address on each visit, so blocking via .htaccess didn’t work. The bot seemed to somehow imitate a human clicking through my site, so on my web logs I could see “someone” going through my site via
    / > /category1/ > /blog-post-name/ > /wp-comment.php
    (Thus, blocking direct access to wp-comment.php using .htaccess was ineffective, because this bot looked like it was posting a comment off of an actual blog post.)

    The Akistmet plug-in put all these comments in a spam queue, but I preferred not having these spam comments taking up space in my database. Thankfully, I was finally able to stop the spam comments was a ReCAPTCHA plug-in.

    But, the bot is still trying. I see random attempts to post comments, and I’d like to get this bot to stop using my bandwidth. It’s a relentless bot – it keeps trying every 10 minutes or so.

    I checked the other day, and it looks like the bot has changed its behaviour a bit. The http_referrer looks like this:
    /blog-post-name#comment9999 > /blog-post-name/ > /wp-comment.php

    Is there a way to block referrers that comme from pages with “#” anchors? As far as I understand web servers, http_referrers would never have a “#” anchor in it.

    Also, in my example above, #comment9999 doesn’t exist on my website, so there’s no way that real web traffic would be coming from that URL.

Viewing 4 replies - 1 through 4 (of 4 total)
  • Moderator Steven Stern (sterndata)

    (@sterndata)

    Forum Moderator & Support Team Volunteer

    I use the plugin “antispam bee”, which can be set to auto-clean the spam queue after X days. It also allows you to set up spam triggers using regular expressions.

    I use Anti-spam — WordPress Plugins and it catches 99.9% of the stuff before Akismet sees it and it never reaches the Spam folder.

    As a follow-up to Sterndata’s response, what would the regex be for http_referrers with anchors in them? Would you know it for the context of the plug-in and .htaccess? I ask because the # symbol means “comment” in PHP and Apache directives, so how do I use them in a regex? (And, at the best of times, regexes make me dizzy 🙂 )

    I don’t think the plug-in mentioned by MarkRH will work for me because this particular bot is imitating the clicks from the root of my site to a blog post and then to wp-comment.php.

    I continue to lean towards .htaccess being my solution because this bot has been relentless; I’d like it to stop using my bandwidth, and I’m thinking that after a couple of http 401/403 errors, it may give up. That’s my hope, anyway.

    Moderator Steven Stern (sterndata)

    (@sterndata)

    Forum Moderator & Support Team Volunteer

    after a couple of http 401/403 errors,

    Ha! I’ve got one site I block at the iptables level that looks for a particular file (via a post) every 2 minutes and has been doing so for three months. (I’ve reported it via abuse@ the host, but nothing.)

Viewing 4 replies - 1 through 4 (of 4 total)
  • The topic ‘Comment / referrer spam’ is closed to new replies.