WordPress Comment Spam – How to Block It.

If you are building and creating a blog which attracts a large number of page views then WordPress Comment Spam is most definitely one of the most annoying chores you are forced to deal with on an almost daily basis. There’s trusty Akismet, the old plugin which does a pretty good job in catching WordPress comment spam, but there are some times when spammers are able to get by Akismet’s defenses and enter your main comments section.

WordPress Comment Spam – What is it?

If you run a blog you’ll know it right away when you see it. It might be a poorly written, or misspelled sentence or two, often linking to another website. The links placed in comment spam come under two categories. Completely off topic, or on topic but still obviously commercialized postings. You may become inundated with comments, especially if you are not using Akismet. Even as such I use Akismet and Disqus commenting systems. This certainly cuts down on the junk, I still have to battle against the auto comment systems. Some of which seem to be run by idiots.

Is there an effective way to fight this? Yes and no. First lets step back and recognize that 90% or more, WordPress Comment Spam, comes from just two countries. Ukraine/Russia and China. China is so bass backwards in their Internet game they effectively block content from being accessed yet they completely ignore the massive copyright, attempted hacking and other shenanigans that country has become famous for. The government in China does nothing to stop or even discourage hackers or the illegal copying of copyrighted material created in the US (movies, music, and other intellectual property including your Web site content). As such, we must protect ourselves from the Chinese hackers and content thieves.

What this method will attempt to do is block access to know IP ranges. We will accomplish this through .htaccess restrictions. While blocking certain ranges of IP addresses and the resulting Web traffic originating from these countries,  China may block some non-hacking traffic, yet the complete lack of interest by the Chinese officials in cleaning up their network leaves us with no choice but to fight back and block them from our networks. Never mind that the Chinese government autonomously blocks access to specific US Web sites from its own citizens, including MIT’s vast array of on-line educational resources. Maybe if the people of China are systematically denied access to enough of our sites, the Chinese  government will consider becoming better cyber-citizens

Their are several published resources for IP CIDR blocks. Get up-to-date list from http://www.okean.com/thegoods.html or (in .htaccess format) http://www.wizcrafts.net/chinese-blocklist.html

Keep in mind that if your are unfamiliar with .htaccess files and editing them. You must be able to answer yes to the following questions;

  1. You are running your host on Linux/Unix or a derivative.
  2. You have apache directive AllowOverride FileInfo,  in order to read and honor the individual directories .htacess files.
  3. For more detailed information please check the Apache .htaccess docs here.

To Block just Baidu spiders place this code at the end of your .htaccess file
deny from 61.135.192.0/18 77.88.0.0/18 77.91.224.0/24 87.250.224.0/19 92.241.182.0/24 93.158.128.0/18 95.108.150.0/24 119.63.192.0/21 123.125.64.0/18
188.143.128.0-188.143.255.255 178.154.128.0/17193.47.80.0/24 213.180.192.0/19 220.181.0.0/19


# China IP Address Blocks
deny from 58.14.0.0/15 58.16.0.0/13 58.24.0.0/15 58.30.0.0/15 58.32.0.0/11 58.66.0.0/15 58.68.128.0/17 58.82.0.0/15 58.87.64.0/18 58.99.128.0/17 58.100.0.0/15 58.116.0.0/14 58.128.0.0/13 58.144.0.0/16 58.154.0.0/15 58.192.0.0/11 58.240.0.0/12
deny from 59.32.0.0/11 59.64.0.0/13 59.72.0.0/15 59.77.0.0/16 59.78.0.0/15 59.80.0.0/14 59.107.0.0/16 59.108.0.0/14 59.151.0.0/17 59.155.0.0/16 59.172.0.0/14 59.191.0.0/16 59.192.0.0/10
deny from 60.0.0.0/11 60.55.0.0/16 60.63.0.0/16 60.160.0.0/11 60.194.0.0/15 60.200.0.0/13 60.208.0.0/12 60.232.0.0/15 60.235.0.0/16 60.245.128.0/17 60.247.0.0/16 60.252.0.0/16 60.253.128.0/17 60.255.0.0/16
deny from 61.4.80.0/20 61.4.176.0/20 61.8.160.0/20 61.28.0.0/17 61.29.128.0/17 61.45.128.0/18 61.47.128.0/18 61.48.0.0/13 61.87.192.0/18 61.128.0.0/10 61.232.0.0/14 61.236.0.0/15 61.240.0.0/14
deny from 116.1.0.0/16 116.2.0.0/15 116.4.0.0/14 116.8.0.0/14 116.13.0.0/16 116.16.0.0/12 116.52.0.0/14 116.56.0.0/15 116.58.128.0/20 116.58.208.0/20 116.60.0.0/14 116.66.0.0/17 116.69.0.0/16 116.70.0.0/17 116.76.0.0/14 116.89.144.0/20 116.90.184.0/21 116.95.0.0/16 116.112.0.0/14 116.116.0.0/15 116.128.0.0/10 116.192.0.0/16 116.193.16.0/20 116.193.32.0/19 116.194.0.0/15 116.196.0.0/16
deny from 116.198.0.0/16 116.199.0.0/17 116.199.128.0/19 116.204.0.0/15 116.207.0.0/16 116.208.0.0/14 116.212.160.0/20 116.213.64.0/18 116.213.128.0/17 116.214.32.0/19 116.214.64.0/20 116.214.128.0/17 116.215.0.0/16 116.216.0.0/14 116.224.0.0/12 116.242.0.0/15 116.244.0.0/14 116.248.0.0/15 116.252.0.0/15 116.254.128.0/17 116.255.128.0/17
deny from 117.8.0.0/13 117.21.0.0/16 117.22.0.0/15 117.24.0.0/13 117.32.0.0/13 117.40.0.0/14 117.44.0.0/15 117.48.0.0/14 117.53.176.0/20 117.57.0.0/16 117.58.0.0/17 117.59.0.0/16 117.60.0.0/14 117.64.0.0/13 117.72.0.0/15 117.74.64.0/20 117.74.128.0/17 117.75.0.0/16 117.76.0.0/14 117.80.0.0/12 117.100.0.0/15 117.103.16.0/20 117.103.128.0/20 117.106.0.0/15 117.112.0.0/13 117.120.64.0/18 117.120.128.0/17 117.121.0.0/17 117.121.128.0/18 117.121.192.0/21 117.122.128.0/17 117.124.0.0/14 117.128.0.0/10
deny from 118.24.0.0/13 118.64.0.0/15 118.66.0.0/16 118.67.112.0/20 118.72.0.0/13 118.80.0.0/15 118.84.0.0/15 118.88.32.0/19 118.88.64.0/18 118.88.128.0/17 118.89.0.0/16 118.91.240.0/20 118.102.16.0/20 118.112.0.0/13 118.120.0.0/14 118.124.0.0/15 118.126.0.0/16 118.132.0.0/14 118.144.0.0/14 118.178.0.0/16 118.180.0.0/14 118.184.0.0/13 118.192.0.0/12 118.212.0.0/15 118.224.0.0/14 118.228.0.0/15 118.230.0.0/16 118.239.0.0/16 118.242.0.0/16 118.244.0.0/14 118.248.0.0/13
deny from 119.0.0.0/15
deny from 121.0.16.0/20 121.4.0.0/15 121.8.0.0/13 121.16.0.0/12 121.32.0.0/13 121.40.0.0/14 121.46.0.0/15 121.48.0.0/15 121.51.0.0/16 121.52.160.0/19 121.52.208.0/20 121.52.224.0/19 121.55.0.0/18 121.56.0.0/15 121.58.0.0/17 121.58.144.0/20 121.59.0.0/16 121.60.0.0/14 121.68.0.0/14 121.76.0.0/15 121.79.128.0/18 121.89.0.0/16 121.100.128.0/17 121.192.0.0/13 121.201.0.0/16 121.204.0.0/14 121.224.0.0/12 121.248.0.0/14 121.255.0.0/16
deny from 122.0.64.0/18 122.0.128.0/17 122.4.0.0/14 122.8.0.0/13 122.48.0.0/16 122.49.0.0/18 122.51.0.0/16 122.64.0.0/11 122.96.0.0/15 122.102.0.0/20 122.102.64.0/19 122.112.0.0/14 122.119.0.0/16 122.136.0.0/13 122.144.128.0/17 122.156.0.0/14 122.192.0.0/14 122.198.0.0/16 122.200.64.0/18 122.204.0.0/14 122.224.0.0/12 122.240.0.0/13 122.248.48.0/20
deny from 123.0.128.0/18 123.4.0.0/14 123.8.0.0/13 123.49.128.0/17 123.52.0.0/14 123.56.0.0/13 123.64.0.0/11 123.96.0.0/15 123.98.0.0/17 123.99.128.0/17 123.100.0.0/19 123.101.0.0/16 123.103.0.0/17 123.108.128.0/20 123.108.208.0/20 123.112.0.0/12 123.128.0.0/13 123.136.80.0/20 123.137.0.0/16 123.138.0.0/15 123.144.0.0/12 123.160.0.0/12 123.176.80.0/20 123.177.0.0/16 123.178.0.0/15 123.180.0.0/14 123.184.0.0/13 123.196.0.0/15 123.199.128.0/17 123.232.0.0/14 123.244.0.0/14 123.249.0.0/16 123.253.0.0/16
deny from 124.6.64.0/18 124.14.0.0/15 124.16.0.0/15 124.20.0.0/14 124.28.192.0/18 124.29.0.0/17 124.31.0.0/16 124.40.112.0/20 124.40.128.0/18 124.42.0.0/16 124.47.0.0/18 124.64.0.0/15 124.66.0.0/17 124.67.0.0/16 124.68.0.0/14 124.72.0.0/13 124.88.0.0/13 124.108.8.0/21 124.108.40.0/21 124.112.0.0/13 124.126.0.0/15 124.128.0.0/13 124.147.128.0/17 124.156.0.0/16 124.160.0.0/13 124.172.0.0/14 124.192.0.0/15 124.196.0.0/16 124.200.0.0/13 124.220.0.0/14 124.224.0.0/12 124.240.0.0/17 124.242.0.0/16 124.243.192.0/18 124.248.0.0/17 124.249.0.0/16 124.250.0.0/15 124.254.0.0/18
deny from 125.31.192.0/18 125.32.0.0/12 125.58.128.0/17 125.61.128.0/17 125.62.0.0/18 125.64.0.0/11 125.96.0.0/15 125.98.0.0/16 125.104.0.0/13 125.112.0.0/12 125.169.0.0/16 125.171.0.0/16 125.208.0.0/18 125.210.0.0/15 125.213.0.0/17 125.214.96.0/19 125.215.0.0/18 125.216.0.0/13 125.254.128.0/17
deny from 134.196.0.0/16
deny from 159.226.0.0/16
deny from 161.207.0.0/16
deny from 162.105.0.0/16
deny from 166.111.0.0/16
deny from 167.139.0.0/16
deny from 168.160.0.0/16
deny from 192.83.122.0/24 192.124.154.0/24 192.188.170.0/24
deny from 198.17.7.0/24 198.97.132.0/24
deny from 202.0.110.0/24 202.0.160.0/20 202.0.176.0/22 202.4.128.0/19 202.4.252.0/22 202.8.128.0/19 202.10.64.0/20 202.14.88.0/24 202.14.235.0/24 202.14.236.0/23 202.14.238.0/24 202.20.120.0/24 202.22.248.0/21 202.38.0.0/20 202.38.64.0/18 202.38.128.0/21 202.38.136.0/23 202.38.138.0/24 202.38.140.0/22 202.38.144.0/22 202.38.149.0/24 202.38.150.0/23 202.38.152.0/22 202.38.156.0/24 202.38.158.0/23 202.38.160.0/23 202.38.164.0/22 202.38.168.0/21 202.38.176.0/23 202.38.184.0/21 202.38.192.0/18 202.41.152.0/21 202.41.240.0/20 202.46.32.0/19 202.46.224.0/20
deny from 202.60.112.0/20 202.69.4.0/22 202.69.16.0/20 202.70.0.0/19 202.74.8.0/21 202.75.208.0/20 202.85.208.0/20 202.90.0.0/22 202.90.224.0/20 202.90.252.0/22 202.91.0.0/22 202.91.128.0/22 202.91.176.0/20 202.91.224.0/19 202.92.0.0/22 202.92.252.0/22 202.93.0.0/22 202.93.252.0/22 202.94.0.0/19 202.95.0.0/19 202.95.252.0/22 202.96.0.0/12
deny from 202.112.0.0/13 202.120.0.0/15 202.122.0.0/19 202.122.32.0/21 202.122.64.0/19 202.122.112.0/21 202.122.128.0/24 202.123.96.0/20 202.124.24.0/21 202.125.176.0/20 202.127.0.0/18 202.127.112.0/20 202.127.128.0/19 202.127.160.0/21 202.127.192.0/18 202.130.0.0/19 202.130.224.0/19 202.131.16.0/21 202.131.48.0/20 202.131.208.0/20 202.136.48.0/20 202.136.208.0/20 202.136.224.0/20 202.141.160.0/19 202.142.16.0/20 202.143.16.0/20 202.148.96.0/19 202.149.160.0/20 202.149.224.0/19
deny from 202.150.16.0/20 202.152.176.0/20 202.153.48.0/20 202.158.160.0/19 202.160.176.0/20 202.164.0.0/20 202.164.25.0/24 202.165.96.0/21 202.165.176.0/20 202.165.208.0/20 202.168.160.0/19 202.170.128.0/19 202.170.216.0/21 202.173.8.0/21 202.173.224.0/19 202.179.240.0/20 202.180.128.0/19 202.181.112.0/20 202.189.80.0/20 202.192.0.0/12
deny from 203.18.50.0/24 203.79.0.0/20 203.80.144.0/20 203.81.16.0/20 203.83.56.0/21 203.86.0.0/18 203.86.64.0/19 203.88.0.0/22 203.88.32.0/19 203.88.192.0/19 203.89.0.0/22 203.90.0.0/22 203.90.128.0/18 203.90.192.0/19 203.91.32.0/19 203.91.96.0/20 203.91.120.0/21 203.92.0.0/22 203.92.160.0/19 203.93.0.0/16 203.94.0.0/18 203.95.0.0/21 203.95.96.0/19 203.99.16.0/20 203.99.80.0/20
deny from 203.100.32.0/20 203.100.80.0/20 203.100.96.0/19 203.100.192.0/20 203.110.160.0/19 203.118.192.0/19 203.119.24.0/21 203.119.32.0/22 203.128.32.0/19 203.128.96.0/19 203.128.128.0/19 203.130.32.0/19 203.132.32.0/19 203.134.240.0/21 203.135.96.0/19 203.135.160.0/20 203.148.0.0/18 203.152.64.0/19 203.156.192.0/18 203.158.16.0/21 203.161.192.0/19 203.166.160.0/19 203.171.224.0/20 203.174.7.0/24 203.174.96.0/19 203.175.128.0/19 203.175.192.0/18 203.176.168.0/21 203.184.80.0/20 203.187.160.0/19 203.190.96.0/20 203.191.16.0/20 203.191.64.0/18 203.191.144.0/20 203.192.0.0/19 203.196.0.0/22
deny from 203.207.64.0/18 203.207.128.0/17 203.208.0.0/20 203.208.16.0/22 203.208.32.0/19 203.209.224.0/19 203.212.0.0/20 203.212.80.0/20 203.222.192.0/20 203.223.0.0/20
deny from 210.2.0.0/19 210.5.0.0/19 210.5.32.0/20 210.5.144.0/20 210.12.0.0/15 210.14.64.0/19 210.14.112.0/20 210.14.128.0/17 210.15.0.0/17 210.15.128.0/18 210.16.128.0/18 210.21.0.0/16 210.22.0.0/16 210.23.32.0/19 210.25.0.0/16 210.26.0.0/15 210.28.0.0/14 210.32.0.0/12 210.51.0.0/16 210.52.0.0/15 210.56.192.0/19 210.72.0.0/14 210.76.0.0/15 210.78.0.0/16 210.79.64.0/18 210.79.224.0/19 210.82.0.0/15 210.87.128.0/18 210.185.192.0/18 210.192.96.0/19
deny from 211.64.0.0/13 211.80.0.0/12 211.96.0.0/13 211.136.0.0/13 211.144.0.0/12 211.160.0.0/13
deny from 218.0.0.0/11 218.56.0.0/13 218.64.0.0/11 218.96.0.0/14 218.104.0.0/14 218.108.0.0/15 218.192.0.0/12 218.240.0.0/13 218.249.0.0/16
deny from 219.72.0.0/16 219.82.0.0/16 219.128.0.0/11 219.216.0.0/13 219.224.0.0/12 219.242.0.0/15 219.244.0.0/14
deny from 220.101.192.0/18 220.112.0.0/14 220.152.128.0/17 220.154.0.0/15 220.160.0.0/11 220.192.0.0/12 220.231.0.0/18 220.231.128.0/17 220.232.64.0/18 220.234.0.0/16 220.242.0.0/15 220.248.0.0/14
deny from 221.0.0.0/13 221.8.0.0/14 221.12.0.0/17 221.12.128.0/18 221.13.0.0/16 221.14.0.0/15 221.122.0.0/15 221.129.0.0/16 221.130.0.0/15 221.133.224.0/19 221.136.0.0/15 221.172.0.0/14 221.176.0.0/13 221.192.0.0/14 221.196.0.0/15 221.198.0.0/16 221.199.0.0/17 221.199.128.0/18 221.199.192.0/20 221.199.224.0/19 221.200.0.0/13 221.208.0.0/12 221.224.0.0/12
deny from 222.16.0.0/12 222.32.0.0/11 222.64.0.0/11 222.125.0.0/16 222.126.128.0/17 222.128.0.0/12 222.160.0.0/14 222.168.0.0/13 222.176.0.0/12 222.192.0.0/11 222.240.0.0/13 222.248.0.0/16 222.249.0.0/17 222.249.128.0/18 222.249.192.0/19 222.249.224.0/20 222.249.240.0/21 222.249.248.0/23

Updated Russian IP CIDR blocks. Block these as well and watch your comment spam decline drastically.

# Get up-to-date list from http://www.wizcrafts.net/russian-blocklist.html
# Russia and Ukraine and Bulgaria and Romania and Latvia and Estonia
deny from 77.120.0.0/14
deny from 78.106.0.0/15
deny from 79.120.0.0/17
deny from 80.73.64.0/21 80.85.176.0/20
deny from 81.19.64.0/19 81.95.144.0/20 81.176.0.0/15
deny from 82.76.0.0/14 82.103.64.0/18 82.138.6.128/25 82.144.192.0/19 82.151.112.0/21 82.160.203.0/24
deny from 83.219.129.0/24 83.237.0.0/16
deny from 85.14.35.0/24 85.112.112.0/20 85.140.0.0/15 85.142.0.0/15 85.192.60.0/23 85.249.128.0/19 85.255.112.0/20
deny from 86.127.19.0/24
deny from 87.99.64.0/19 87.103.192.0/20 87.120.16.0/20 87.242.116.0/23
deny from 89.122.0.0/16 89.37.144.0/21 89.111.176.0/20 89.175.0.0/16 89.178.0.0/15 89.190.224.0/19
deny from 91.76.0.0/14 91.124.0.0/16
deny from 141.85.0.0/16
deny from 192.129.3.0/24
deny from 193.39.113.0/24 193.47.166.0/24 193.178.144.0/22
deny from 194.44.36.0/24 194.186.0.0/16
deny from 195.28.32.0/19 195.34.224.0/19 195.95.218.0/23 195.5.116.0/23 195.137.200.0/23 195.138.198.0/24 195.189.246.0/23 195.208.0.0/15 195.225.176.0/22 195.239.0.0/16 195.242.98.0/23 195.244.128.128/25 195.245.112.0/23
deny from 212.24.32.0/19 212.58.192.0/19 212.158.160.0/20
deny from 213.91.128.0/17 213.140.96.0/19 213.154.192.0/19 213.242.12.0/22 213.248.48.0/20
deny from 217.12.240.0/20 217.16.16.0/20 217.77.208.0/20 217.174.96.0/20

Add those lines to your .htaccess files and you will have WordPress Comment Spam licked in no time.

Leave a Reply

Your email address will not be published. Required fields are marked *