On my blog, I use :
-> Akismet (already installed with your WordPress)
-> Bad Behavior
Then, create an account here and get the API key for Bad Behavior here : https://www.projecthoneypot.org/httpbl_configure.php
-> Htaccess file like this example :
# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>
# END WordPress
# BEGIN File Permissions
<Files .htaccess>
Order allow,deny
deny from all
</Files>
<files wp-config.php>
Order allow,deny
deny from all
</files>
<files wp-settings.php>
Order allow,deny
deny from all
</files>
# END
# BEGIN Block by Country (IP Range)
# http://incredibill.me/htaccess-block-country-ips
#
# Block from CHINA (CN)
#
deny from 1.0.1.0/24
deny from 1.0.2.0/23
deny from 1.0.8.0/21
deny from 1.0.32.0/19
deny from 1.1.0.0/24
deny from 1.1.2.0/23
deny from 1.1.4.0/22
deny from 1.1.8.0/21
deny from 1.1.16.0/20
deny from 1.1.32.0/19
deny from 1.2.0.0/23
deny from 1.2.2.0/24
deny from 1.2.4.0/24
deny from 1.2.5.0/24
deny from 1.2.6.0/23
deny from 1.2.8.0/21
deny from 1.2.16.0/20
deny from 1.2.32.0/19
deny from 1.2.64.0/18
... ...
# END
You can use http://incredibill.me/htaccess-block-country-ips to extract the IP Addresses Range in function of countries 😉
http://wordpress.org/extend/plugins/cookies-for-comments/
Is highly effective – it blocks the spam bots that ‘bypass’ your site and post directly to your comment form URL.
