how to block comment spammer (43 posts)

  1. gary_manila
    Posted 10 years ago #

    apologies if discussed previously. i'm receiving a ton of spam comments from this:
    Author : your fat ass (IP: , cethil.insa-lyon.fr)
    E-mail : byob@y5484o.com
    URL : http://www.I'm_a_stupid_spammer.com
    Whois : http://ws.arin.net/cgi-bin/whois.pl?queryinput=
    considering comments have always been moderated and he/it still continues, i suspect its automated. so my questions: 1. is it automated? 2. how to deal with it?
    many thanks in advance!

  2. myke115
    Posted 10 years ago #

    i've been getting the same one over and over. Also one for texas-holdem poker. WP catches them for moderation but it still is a pain to have to go click them one by one and then delete. Even a "select all" button for deletion would make it not so bad. Definitely need something to flat out block someone like this from commenting after one is deleted.

  3. Sphyr
    Posted 10 years ago #

    Yeah, there are lots of posts on this guy. I bet I've deleted 100 of his attempts in the last 24 hours. Not one of them has made it to the front page, but it's a pain having to delete them.

  4. gacharya
    Posted 10 years ago #

    i've been blocking his IP addresses from my cPanel. There's a button called "IP deny" and then you can block golimar.com

  5. myke115
    Posted 10 years ago #

    my host uses cpanel as well and i blocked his ip but it hasn't done any good.
    i think the best thing that i've heard works is the 'comment preview' hack. i've had it up for about an hour and so far it has stopped when i was getting them heavily the hour before. I'll know for sure if it stops the bot come morning. was an easy install and the extra step should stop an auto bot.
    get it via laughing lizard here: http://weblogtoolscollection.com/archives/2004/05/20/coment-preview-for-wordpress-12/

  6. Sphyr
    Posted 10 years ago #

    I renamed the wp-comments-post.php, that stopped it completely.
    Banning the i.p. doesn't work, he's changing it after every post.

  7. Just do a search here for "comment spam". There is at least one new topic a day created about this, let's try to keep that number down.

  8. Anonymous
    Posted 10 years ago #

    << I renamed the wp-comments-post.php, that stopped it completely. >>
    Can you tell us in which scripts and where we need to swap references to the former wp-comments-post.php file with the newly-renamed file?
    Also, are there other blog systems that have solved this problem ?
    Wonder how they did it.

  9. charle97
    Posted 10 years ago #

    Can you tell us in which scripts and where we need to swap references to the former wp-comments-post.php file with the newly-renamed file?
    renaming wp-comments-post.php
    Also, are there other blog systems that have solved this problem ?
    nope. however, turning off comments altogether will solve the problem.

  10. Sorry, allow me to nudge in here and repeat something...
    "Just do a search here for "comment spam". There is at least one new topic a day created about this, let's try to keep that number down."
    There are numerous SPAM-prevention solution available here (including instructions on renaming the comment post file). Just do a bloody search.

  11. charle97
    Posted 10 years ago #

    please stop telling people to do a search. people won't listen.

  12. Well, about 90% of them do immediately. The other 8 realize that no one is answering and eventually search after all. Then there's the other 2% who get the luck of having someone with enough free time to search for them and provide them with a link. We don't all have enough free time for that, and this isn't a paying gig. Everyone here is a volunteer in a community. And, as a community effort, I hope that people will learn how to search for information rather than wait for it to be handed to them.

  13. Anonymous
    Posted 10 years ago #

    I've done searches for comment spam here. I haven't found an easy solution to just disable all comments and stop people from accessing the comment script that lets them post comments anyway.

  14. ::Sigh::
    "I've done searches for comment spam here. I haven't found an easy solution to just disable all comments and stop people from accessing the comment script that lets them post comments anyway."
    Do you mean like this one ( http://wiki.wordpress.org/How%20to%20combat%20comment%20spam%20with%20WordPress ) which is result number #5 under the "On Documentation Wiki" section and this one ( http://wordpress.org/support/3/13443 ), entitled "Comment Spam" and result #4 under "Thread Title Matches"?
    Can we up the effort just a few notches? We'd all love to help you, but we need you to try the simple things (like searching) first.

  15. Just wanted to hop on, adding that the Wiki's "How to combat comment spam with WordPress" links to LisaS's thread on how renaming the wp-comments-post.php file will help against spam bots. So technically, it was in the Wiki too.

  16. No worries, I don't think he speaks for most of us... ;)

  17. Kitten
    Posted 10 years ago #

    Here's a IP deny list that will catch about 99% of this assclown's botnet:
    Order Deny,Allow
    Deny from 134.214.77
    Deny from 148.244.150
    Deny from 150.101.110
    Deny from 158.42.52
    Deny from 164.100.11
    Deny from 168.37.253
    Deny from 192.114.189
    Deny from 193.41.248
    Deny from 194.126.30
    Deny from 195.117.196
    Deny from 195.141.64
    Deny from 195.172.182
    Deny from 195.224.127
    Deny from 195.38.127
    Deny from 200.193.237
    Deny from 200.208.68
    Deny from 200.31.17
    Deny from 200.32.86
    Deny from 200.35.81
    Deny from 202.47.247
    Deny from 202.88.149
    Deny from 202.97.150
    Deny from 203.101.30
    Deny from 203.172.181
    Deny from 209.150.203
    Deny from 209.158.113
    Deny from 209.161.205
    Deny from 210.0.209
    Deny from 210.212.205
    Deny from 210.240.188
    Deny from 211.147.225
    Deny from 211.250.81
    Deny from 212.219.119
    Deny from 212.235.126
    Deny from 212.235.31
    Deny from 212.235.40
    Deny from 212.235.41
    Deny from 212.235.85
    Deny from 213.130.53
    Deny from 213.172.36
    Deny from 213.254.42
    Deny from 217.172.65
    Deny from 217.52.41
    Deny from 217.66.177
    Deny from 217.97.128
    Deny from 218.59.146
    Deny from 220.65.209
    Deny from 221.194.28
    Deny from 24.106.23
    Deny from 24.63.28
    Deny from 24.73.149
    Deny from 38.113.198
    Deny from 61.197.242
    Deny from 61.30.47
    Deny from 61.95.221
    Deny from 62.121.99
    Deny from 62.87.152
    Deny from 64.172.167
    Deny from 65.30.11
    Deny from 66.122.214
    Deny from 66.98.152
    Deny from 66.98.226
    Deny from 68.162.220
    Deny from 80.16.106
    Deny from 80.18.225
    Deny from 80.247.76
    Deny from 80.53.171
    Deny from 80.58.11
    Deny from 80.58.22
    Deny from 81.117.178
    Deny from 81.118.4
    Deny from 81.5.140
    Deny from 82.112.196
    Deny from 82.133.96
    Deny from 82.185.182
    Deny from 82.81.204

  18. Mark (podz)
    Support Maven
    Posted 10 years ago #

    Thanks Kitten !

  19. somefool
    Posted 10 years ago #

    yeah Ive got loads of these
    with the Ip address seemingly completly different each time, is this a virus of some kind spamming from peoples PCs with out them knowing?

  20. Laughinglizard
    Posted 10 years ago #

    POdz, can we please remove the link at the top of this thread so the spammer does not get the pagerank he/she needs?

  21. tomhanna
    Posted 10 years ago #

    Boy that Wiki post is really helpful...not.
    Comment moderation with people spamming hundreds of times a day is a ridiculous solution.
    There's a link to a Moveable Type plugin with no instructions for use with Word Press.
    I found a decent solution the other day, but it involves creating a "blocklist.txt" file that you have to manually add to and I can't find that solution in the vaunted search today or I'd link it here. I came back hoping that maybe someone would be working on a plug-in/hack comparable to the antispam measure on b2evolution and noticed this thread where someone looking for help was bashed on the head with the answer that this Wiki post was the be-all-end-all. It isn't.

  22. Guys, here's another link: http://www.tamba2.org.uk/wordpress/spam/ You can find it by reading through the results after searching the forum for "comment spam".
    P.S. Stick away from IP blocking. IPs can be spoof and are usually shelled out again to other users after a week. You could block the spammer for now, but you'll be blocking future legitimate users later. You should only block an IP for 24 hours in order to break up a SPAM flood. There are better ways.

  23. Kitten: Thank you for that list!
    tomhanna et al: If you find something in the Wiki that doesn't seem to be helpful at all, and you come across or learn something way better, hopefully you can add or modify it? I'm trying to do that now, since some of the explanations might not be thorough enough for someone new just starting with WP and stuff.
    [rant] I guess members in here get mad because it seems that more often than not, someone sees WP, tries it out, gets errors, and immediately posts an Anonymous question with their email address. If there's no indication that they've searched, and people like podz or Beel or macmanx find something on the subject, they'll feel more inclined to bash. Most everyone here volunteering. The least we can do is search for the relevant information, try to make sense of it, and if it doesn't work, explain that they didn't help you get anywhere. I love this script right now, and I'd hate to see the forums get bogged down in flame wars. [/rant]
    - Bryan (a WP toddler)

  24. Kitten
    Posted 10 years ago #

    PC viruses install 'backdoors' that allow spammers to have remote control over the PC to use it for spamming. Some IPs are spoofed, but mostly it's zombie botnets.
    True, but most of the zombies tend to be on cable modems/dsl/adsl and only get their IP addr renewed infrequently. I'm building up my list until this assclown is completely blocked.
    I'll continue to collect IPs with the last quad dropped (so that each entry blocks 255 IPs) for reference.

  25. Anonymous
    Posted 10 years ago #

    the third time this idiot posted a bunch of comments I changed the name of the wp-comments-post.php to something else - shown here - http://wordpress.org/support/3/13443 havn't been bothered since.
    Just to be on the safe time, I decided to close off comments after 21 days. http://wiki.wordpress.org/Auto%20shutoff%20comments

  26. Keely
    Posted 10 years ago #

    I installed the authorization image hack today http://www.gudlyf.com/archives/2004/06/07/wordpress-hack-authimage/
    Easy to install and that lamer's spam doesn't even hit my moderation queue now.

  27. Mark (podz)
    Support Maven
    Posted 10 years ago #

    It does Beel, yes.
    I don't bash, sometimes it's sarcasm, and sometimes it's just frustration that a perfectly good tool to find information is there and it is wasted on some.
    It takes what, 30 seconds of time for me to run a quick search and post the results.
    It would take a forum user that much time too - and it's their problem that wants fixing. Not ours.

  28. Mark (podz)
    Support Maven
    Posted 10 years ago #

    Recently, there has been a flood of people complaining about comment spam. Unless I keep a list of each and every thread, there is no option but to search is there ? I posted that if people will send me links for measures against comment spam I will keep a compiled resource, but as yet - nothing. Maybe my list is complete ? And I did that after more than one request for a wiki page for that purpose - a wiki page being something you (as in anyone) can set up within minutes.
    The 'search' is more usually for very common answers, and even then you will still find comprehensive answers being given.
    More unfriendly here ? I don't know, but I do know it's extremely busy, and help is very much forthcoming.

  29. Mark (podz)
    Support Maven
    Posted 10 years ago #

    I agree, and I have that page listed, along with many others, sitting open on my wiki right now.
    I even posted all my links that I keep here:
    so that if others wanted to help they had a ready list, or if they just wanted it to peruse at their leisure.
    I know that if someone has a problem it's a problem to them, and that we are here to help them toward the solution, but as NM said in his post - which I agree with - the person needs to maybe hunt around a little first ?
    I've given a link before, and had a followup post of "Seen that, didn't work" - how was I to know ? Why didn't they mention it ?
    It's like when people post that their site looks wrong, put all their css into a post and then don't provide a link - how are we meant to work out what's wrong ?
    What would be very nice though is that if people here - people reading this post - would head over to the FAQ and either ask a question, answer a question, or both. That would help hugely, it really would. And if you don't want to mess with the wiki, post it here, email me / matt / NM but help - everything helps.
    If that FAQ can be comprehensive enough - which will take a lot of work - then new users can automatically find it (or be pointed to it or answers in it).
    If you think that a question belongs there - ask it !
    And if you can answer one - please do!
    It'll only take you a minute, but it'll help someone out.

  30. Podz, I completely agree with you, 100%.

Topic Closed

This topic has been closed to new replies.

About this Topic


No tags yet.