Title: Comments spam
Last modified: August 31, 2016

---

# Comments spam

 *  Resolved [IvanRF](https://wordpress.org/support/users/ivanrf/)
 * (@ivanrf)
 * [10 years, 1 month ago](https://wordpress.org/support/topic/comments-spam-3/)
 * I could say I’m under a “comments attack”. In the last hours I received 450 spam
   comments from Russia.
    Log looks like this:
 *     ```
       188.143.232.35 - - [15/May/2016:05:21:55 -0700] "POST /wp-comments-post.php HTTP/1.1" 302 - "http://..." "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)"
       ...
       188.143.232.62 - - [15/May/2016:05:36:53 -0700] "POST /wp-comments-post.php HTTP/1.1" 302 - "http://..." "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)"
       188.143.232.22 - - [15/May/2016:05:36:58 -0700] "POST /wp-comments-post.php HTTP/1.1" 302 - "http://..." "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)"
       ...
       188.143.232.16 - - [15/May/2016:06:40:26 -0700] "POST /wp-comments-post.php HTTP/1.1" 429 2634 "http://..." "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)"
       188.143.232.15 - - [15/May/2016:06:40:22 -0700] "POST /wp-comments-post.php HTTP/1.1" 302 - "http://..." "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)"
       ```
   
 * Shouldn’t Wordfence do something with this? I mean not allowing to being marked
   as Spam, just block them. Is that a feature of the Pro version?
 * [https://wordpress.org/plugins/wordfence/](https://wordpress.org/plugins/wordfence/)

Viewing 5 replies - 1 through 5 (of 5 total)

 *  Thread Starter [IvanRF](https://wordpress.org/support/users/ivanrf/)
 * (@ivanrf)
 * [10 years, 1 month ago](https://wordpress.org/support/topic/comments-spam-3/#post-7382596)
 * I did a research on plugins able to block this kind of attacks and found one 
   that is doing a nice job so far:
 * [https://wordpress.org/plugins/wp-spamshield/](https://wordpress.org/plugins/wp-spamshield/)
 * 14 blocked spams in the last hour and my Spam folder is empty 🙂
    I enabled their
   log and they are correctly blocking the Russian spams.
 *  Thread Starter [IvanRF](https://wordpress.org/support/users/ivanrf/)
 * (@ivanrf)
 * [10 years, 1 month ago](https://wordpress.org/support/topic/comments-spam-3/#post-7382845)
 * wp-spamshield was not the perfect solution. Unfortunately, they have false positives
   and blocked user’s comments.
 * Do you have any opinion about this? What does Wordfence against comment attacks?
 *  [redsand](https://wordpress.org/support/users/redsand/)
 * (@redsand)
 * [10 years, 1 month ago](https://wordpress.org/support/topic/comments-spam-3/#post-7382847)
 * [@ivanrf](https://wordpress.org/support/users/ivanrf/)
 * The issue you had with WP-SpamShield was a configuration issue on your site, 
   not false positives. Please see my response to your support request.
 *  Thread Starter [IvanRF](https://wordpress.org/support/users/ivanrf/)
 * (@ivanrf)
 * [10 years, 1 month ago](https://wordpress.org/support/topic/comments-spam-3/#post-7382848)
 * > The issue you had with WP-SpamShield was a configuration issue on your site,
   > not false positives.
 * The place to discuss about your plugin is **[here](https://wordpress.org/support/topic/false-positives-8)**.
 * The aim of this thread is to know what Wordfence does against this kind of attacks.
 * Every spam comment goes to the DB and has to be processed by WP. A high flow 
   of spam comments could easily cause a DoS on a site. So, I want to know if Wordfence
   is going to support this or is already a Pro feature.
 *  [wfasa](https://wordpress.org/support/users/wfasa/)
 * (@wfasa)
 * [10 years ago](https://wordpress.org/support/topic/comments-spam-3/#post-7382853)
 * Hello IvanRF,
    While spam can be a horrible nuisance as a general rule in the
   free plugin version we block comments if they contain malware or links to sites
   that contain malware. The premium version has a feature called “Advanced comment
   spam filter” which also checks the IP source of comments against blacklists. 
   This is rather uncommon technique and combined with plugins that focus on spam(
   like Akismet) you can get very good filtering.
 * You should theoretically be able to block the most persistent ones by using free
   WordPress functions if you like such as blocking certain IP-ranges or tune up
   rate limiting rules.

Viewing 5 replies - 1 through 5 (of 5 total)

The topic ‘Comments spam’ is closed to new replies.

 * ![](https://ps.w.org/wordfence/assets/icon.svg?rev=2070865)
 * [Wordfence Security - Firewall, Malware Scan, and Login Security](https://wordpress.org/plugins/wordfence/)
 * [Frequently Asked Questions](https://wordpress.org/plugins/wordfence/#faq)
 * [Support Threads](https://wordpress.org/support/plugin/wordfence/)
 * [Active Topics](https://wordpress.org/support/plugin/wordfence/active/)
 * [Unresolved Topics](https://wordpress.org/support/plugin/wordfence/unresolved/)
 * [Reviews](https://wordpress.org/support/plugin/wordfence/reviews/)

## Tags

 * [Comments](https://wordpress.org/support/topic-tag/comments/)

 * 5 replies
 * 3 participants
 * Last reply from: [wfasa](https://wordpress.org/support/users/wfasa/)
 * Last activity: [10 years ago](https://wordpress.org/support/topic/comments-spam-3/#post-7382853)
 * Status: resolved