I use the plugin “antispam bee”, which can be set to auto-clean the spam queue after X days. It also allows you to set up spam triggers using regular expressions.
I use Anti-spam — WordPress Plugins and it catches 99.9% of the stuff before Akismet sees it and it never reaches the Spam folder.
Thread Starter
jd-fb
(@jd-fb)
As a follow-up to Sterndata’s response, what would the regex be for http_referrers with anchors in them? Would you know it for the context of the plug-in and .htaccess? I ask because the # symbol means “comment” in PHP and Apache directives, so how do I use them in a regex? (And, at the best of times, regexes make me dizzy 🙂 )
I don’t think the plug-in mentioned by MarkRH will work for me because this particular bot is imitating the clicks from the root of my site to a blog post and then to wp-comment.php.
I continue to lean towards .htaccess being my solution because this bot has been relentless; I’d like it to stop using my bandwidth, and I’m thinking that after a couple of http 401/403 errors, it may give up. That’s my hope, anyway.
after a couple of http 401/403 errors,
Ha! I’ve got one site I block at the iptables level that looks for a particular file (via a post) every 2 minutes and has been doing so for three months. (I’ve reported it via abuse@ the host, but nothing.)
(@jd-fb)
9 years, 1 month ago
I’ve got an unsual problem that doesn’t seem to fit anything else I can find online, so I’m hoping someone has an idea how to fix it. It may be more than a WordPress question, but I thought I’d start here.
There’s a spam bot that is consistently trying to add a comment on my site. The bot seems to spoof a random IP address on each visit, so blocking via .htaccess didn’t work. The bot seemed to somehow imitate a human clicking through my site, so on my web logs I could see “someone” going through my site via
/ > /category1/ > /blog-post-name/ > /wp-comment.php(Thus, blocking direct access to wp-comment.php using .htaccess was ineffective, because this bot looked like it was posting a comment off of an actual blog post.)
The Akistmet plug-in put all these comments in a spam queue, but I preferred not having these spam comments taking up space in my database. Thankfully, I was finally able to stop the spam comments was a ReCAPTCHA plug-in.
But, the bot is still trying. I see random attempts to post comments, and I’d like to get this bot to stop using my bandwidth. It’s a relentless bot – it keeps trying every 10 minutes or so.
I checked the other day, and it looks like the bot has changed its behaviour a bit. The http_referrer looks like this:
/blog-post-name#comment9999 > /blog-post-name/ > /wp-comment.phpIs there a way to block referrers that comme from pages with “#” anchors? As far as I understand web servers, http_referrers would never have a “#” anchor in it.
Also, in my example above, #comment9999 doesn’t exist on my website, so there’s no way that real web traffic would be coming from that URL.