apologies if discussed previously. i’m receiving a ton of spam comments from this:
Author : your fat ass (IP: 22.214.171.124 , cethil.insa-lyon.fr)
E-mail : email@example.com
URL : http://www.I'm_a_stupid_spammer.com
Whois : http://ws.arin.net/cgi-bin/whois.pl?queryinput=126.96.36.199
considering comments have always been moderated and he/it still continues, i suspect its automated. so my questions: 1. is it automated? 2. how to deal with it?
many thanks in advance!
Here’s a IP deny list that will catch about 99% of this assclown’s botnet:
Deny from 134.214.77
Deny from 148.244.150
Deny from 150.101.110
Deny from 158.42.52
Deny from 164.100.11
Deny from 168.37.253
Deny from 192.114.189
Deny from 193.41.248
Deny from 194.126.30
Deny from 195.117.196
Deny from 195.141.64
Deny from 195.172.182
Deny from 195.224.127
Deny from 195.38.127
Deny from 200.193.237
Deny from 200.208.68
Deny from 200.31.17
Deny from 200.32.86
Deny from 200.35.81
Deny from 202.47.247
Deny from 202.88.149
Deny from 202.97.150
Deny from 203.101.30
Deny from 203.172.181
Deny from 209.150.203
Deny from 209.158.113
Deny from 209.161.205
Deny from 210.0.209
Deny from 210.212.205
Deny from 210.240.188
Deny from 211.147.225
Deny from 211.250.81
Deny from 212.219.119
Deny from 212.235.126
Deny from 212.235.31
Deny from 212.235.40
Deny from 212.235.41
Deny from 212.235.85
Deny from 213.130.53
Deny from 213.172.36
Deny from 213.254.42
Deny from 217.172.65
Deny from 217.52.41
Deny from 217.66.177
Deny from 217.97.128
Deny from 218.59.146
Deny from 220.65.209
Deny from 221.194.28
Deny from 24.106.23
Deny from 24.63.28
Deny from 24.73.149
Deny from 38.113.198
Deny from 61.197.242
Deny from 61.30.47
Deny from 61.95.221
Deny from 62.121.99
Deny from 62.87.152
Deny from 64.172.167
Deny from 65.30.11
Deny from 66.122.214
Deny from 66.98.152
Deny from 66.98.226
Deny from 68.162.220
Deny from 80.16.106
Deny from 80.18.225
Deny from 80.247.76
Deny from 80.53.171
Deny from 80.58.11
Deny from 80.58.22
Deny from 81.117.178
Deny from 81.118.4
Deny from 81.5.140
Deny from 82.112.196
Deny from 82.133.96
Deny from 82.185.182
Deny from 82.81.204
yeah Ive got loads of these
with the Ip address seemingly completly different each time, is this a virus of some kind spamming from peoples PCs with out them knowing?
POdz, can we please remove the link at the top of this thread so the spammer does not get the pagerank he/she needs?
Boy that Wiki post is really helpful…not.
Comment moderation with people spamming hundreds of times a day is a ridiculous solution.
There’s a link to a Moveable Type plugin with no instructions for use with Word Press.
I found a decent solution the other day, but it involves creating a “blocklist.txt” file that you have to manually add to and I can’t find that solution in the vaunted search today or I’d link it here. I came back hoping that maybe someone would be working on a plug-in/hack comparable to the antispam measure on b2evolution and noticed this thread where someone looking for help was bashed on the head with the answer that this Wiki post was the be-all-end-all. It isn’t.
Guys, here’s another link: http://www.tamba2.org.uk/wordpress/spam/ You can find it by reading through the results after searching the forum for “comment spam”.
P.S. Stick away from IP blocking. IPs can be spoof and are usually shelled out again to other users after a week. You could block the spammer for now, but you’ll be blocking future legitimate users later. You should only block an IP for 24 hours in order to break up a SPAM flood. There are better ways.
Kitten: Thank you for that list!
tomhanna et al: If you find something in the Wiki that doesn’t seem to be helpful at all, and you come across or learn something way better, hopefully you can add or modify it? I’m trying to do that now, since some of the explanations might not be thorough enough for someone new just starting with WP and stuff.
[rant] I guess members in here get mad because it seems that more often than not, someone sees WP, tries it out, gets errors, and immediately posts an Anonymous question with their email address. If there’s no indication that they’ve searched, and people like podz or Beel or macmanx find something on the subject, they’ll feel more inclined to bash. Most everyone here volunteering. The least we can do is search for the relevant information, try to make sense of it, and if it doesn’t work, explain that they didn’t help you get anywhere. I love this script right now, and I’d hate to see the forums get bogged down in flame wars. [/rant]
– Bryan (a WP toddler)
PC viruses install ‘backdoors’ that allow spammers to have remote control over the PC to use it for spamming. Some IPs are spoofed, but mostly it’s zombie botnets.
True, but most of the zombies tend to be on cable modems/dsl/adsl and only get their IP addr renewed infrequently. I’m building up my list until this assclown is completely blocked.
I’ll continue to collect IPs with the last quad dropped (so that each entry blocks 255 IPs) for reference.Anonymous
the third time this idiot posted a bunch of comments I changed the name of the wp-comments-post.php to something else – shown here – http://wordpress.org/support/3/13443 havn’t been bothered since.
Just to be on the safe time, I decided to close off comments after 21 days. http://wiki.wordpress.org/Auto%20shutoff%20comments
I installed the authorization image hack today http://www.gudlyf.com/archives/2004/06/07/wordpress-hack-authimage/
Easy to install and that lamer’s spam doesn’t even hit my moderation queue now.
It does Beel, yes.
I don’t bash, sometimes it’s sarcasm, and sometimes it’s just frustration that a perfectly good tool to find information is there and it is wasted on some.
It takes what, 30 seconds of time for me to run a quick search and post the results.
It would take a forum user that much time too – and it’s their problem that wants fixing. Not ours.
Recently, there has been a flood of people complaining about comment spam. Unless I keep a list of each and every thread, there is no option but to search is there ? I posted that if people will send me links for measures against comment spam I will keep a compiled resource, but as yet – nothing. Maybe my list is complete ? And I did that after more than one request for a wiki page for that purpose – a wiki page being something you (as in anyone) can set up within minutes.
The ‘search’ is more usually for very common answers, and even then you will still find comprehensive answers being given.
More unfriendly here ? I don’t know, but I do know it’s extremely busy, and help is very much forthcoming.
I agree, and I have that page listed, along with many others, sitting open on my wiki right now.
I even posted all my links that I keep here:
so that if others wanted to help they had a ready list, or if they just wanted it to peruse at their leisure.
I know that if someone has a problem it’s a problem to them, and that we are here to help them toward the solution, but as NM said in his post – which I agree with – the person needs to maybe hunt around a little first ?
I’ve given a link before, and had a followup post of “Seen that, didn’t work” – how was I to know ? Why didn’t they mention it ?
It’s like when people post that their site looks wrong, put all their css into a post and then don’t provide a link – how are we meant to work out what’s wrong ?
What would be very nice though is that if people here – people reading this post – would head over to the FAQ and either ask a question, answer a question, or both. That would help hugely, it really would. And if you don’t want to mess with the wiki, post it here, email me / matt / NM but help – everything helps.
If that FAQ can be comprehensive enough – which will take a lot of work – then new users can automatically find it (or be pointed to it or answers in it).
If you think that a question belongs there – ask it !
And if you can answer one – please do!
It’ll only take you a minute, but it’ll help someone out.
- The topic ‘how to block comment spammer’ is closed to new replies.