Full Defense Against Comment Spam

by fas on April 7, 2009 · 10 comments

A few days ago two commentators advised me not to use Captcha. As we know, Captcha is a nice defense against spam comments. Removing Captcha meant more spam. I once even tested what happens if I remove Captcha. The result was devastating: 9 spam comments in 2 hours. Luckily Akismet stopped them but didn’t delete them automatically. So far Akismet has stopped 852 spam comments in 3 months.

Spam can destroy your blog. A few days ago I read on The Melvin Blog that a newly started blog (the owner sold his last blog at a high price) has so many spam comments that the top commentator is always one person. The name is John. The first four were different versions of the name John. Well, forget about that; we need to focus on how to stop these spam comments. Now that I was going to remove Captcha, my only choice was to install more plugins that would work beside Akismet to stop spam. I found one nice plug-in which gave a nice tip and trick.

The plug-in I found is ‘AVH First Defense Against Spam’ by Peter van der Does. As the name says, it really is a first defense: it intends to stop spammers by IP address filtering. I am not here to discuss the plug-in itself but the tip and trick it gave. The tip and trick is below.

Deny direct access to add comments.

Add the following lines to your .htaccess file above the WordPress section.

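<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
# Apply only to POST requests ...
RewriteCond %{REQUEST_METHOD} POST
# ... whose request line names wp-comments-post.php ...
RewriteCond %{THE_REQUEST} .wp-comments-post\.php.*
# ... and whose Referer is not a page on your site, or whose User-Agent is empty.
RewriteCond %{HTTP_REFERER} !.*example\.com/.*$ [OR]
RewriteCond %{HTTP_USER_AGENT} ^$
# Redirect the client to its own IP address.
RewriteRule (.*) http://%{REMOTE_ADDR}/ [R=301,L]
</IfModule>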

Replace example.com with your domain.

Spammers are known to call the file wp-comments-post.php directly. Normal users would never do this, so the rules above block this behavior.

If you have access to your .htaccess file then this is going to be very handy and useful. Try it, but remember that modifying the .htaccess file is risky. Make a back-up of the original file. Ask your web host if the code is safe if you have any doubt.

{ 10 comments… read them below or add one }

1 Austin April 7, 2009 at 7:11 am

I find that Akismet pretty much keeps spam off of my blog. That’s a really good tip though, the URL rewrite one. I think that my stats beat yours: ‘Akismet has protected your site from 3,851 spam comments already…’ Almost 4,000 spam comments in around 5 months. :)

Austin’s last blog post: Learning Methods

2 Austin April 7, 2009 at 7:14 am

Hm, weird. I got a 404 for ‘wp-comments-post.php’ when submitting that comment, but it still posted.

Austin’s last blog post: Learning Methods

3 Agent 001 April 7, 2009 at 12:40 pm

3851 is really pretty high. Did you get those on your current blog? Your blog was targeted to SEO. I feel spammers valued it.

4 Peter van der Does April 7, 2009 at 10:01 pm

Thank you for posting the tip here and referring to my website.

Personally I have changed the rules a little bit as I found certain spammers were clever enough to use a referrer: “http://blog.avirtualhome.com/wp-comments-post.php”

This is the same URL as the POST.
I changed it to:
RewriteCond %{REQUEST_METHOD} POST
RewriteCond %{THE_REQUEST} .wp-comments-post\.php.*
RewriteCond %{HTTP_REFERER} !.*avirtualhome\.com/.+/. [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^$
RewriteRule (.*) http://%{REMOTE_ADDR}/ [R=301,L]

The difference is that there has to be a directory in the referrer URL.
If you set up permalinks in WordPress this will be the case.

Peter van der Does’s last blog post: Update WordPress Plugin: AVH First Defense Against Spam v1.1
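
Added example (not code from the post, the plugin or any commenter): a Python sketch that replays Apache combined-format log lines through the condition chain of the post's rule and of the revised rule in comment 4, so you can see what each would redirect before touching .htaccess. The log lines are constructed and the function names are this example's own; since Referer and User-Agent are supplied by the client, the rules only filter requests that do not set them plausibly.

```python
import re

# Apache "combined" log line: ip - user [time] "request" status bytes "referer" "agent"
LOG_RE = re.compile(r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "(?P<request>[^"]*)" '
                    r'\d{3} \S+ "(?P<referer>[^"]*)" "(?P<agent>[^"]*)"$')

def referer_patterns(domain):
    """Referer regexes: the post's rule and the revised rule from comment 4."""
    d = re.escape(domain)  # dots in the domain are escaped here
    return {"original": re.compile(".*" + d + "/.*$"),
            "revised": re.compile(".*" + d + "/.+/.", re.I)}  # re.I mirrors [NC]

def would_redirect(line, referer_re):
    """True when the RewriteCond chain would fire for this logged request."""
    m = LOG_RE.match(line)
    if not m:
        return False
    # Apache logs an absent header as "-"; the rule sees an empty string.
    referer = "" if m["referer"] == "-" else m["referer"]
    agent = "" if m["agent"] == "-" else m["agent"]
    if not m["request"].startswith("POST "):                      # REQUEST_METHOD
        return False
    if not re.search(r".wp-comments-post\.php.*", m["request"]):  # THE_REQUEST
        return False
    # (Referer does not match) OR (User-Agent is empty)
    return referer_re.search(referer) is None or agent == ""

def redirected_ips(lines, domain):
    """Map each rule variant to the client IPs it would redirect."""
    return {name: [LOG_RE.match(l)["ip"] for l in lines if would_redirect(l, rx)]
            for name, rx in referer_patterns(domain).items()}

def entry(ip, request, referer, agent="Mozilla/5.0"):  # builds a constructed log line
    return (f'{ip} - - [07/Apr/2009:07:11:00 +0000] "{request}" 200 512 '
            f'"{referer}" "{agent}"')

POST = "POST /wp-comments-post.php HTTP/1.1"
SAMPLE_LOG = [  # constructed sample traffic, not real log data
    entry("192.0.2.1", POST, "http://example.com/2009/04/some-post/"),   # reader on a permalink
    entry("192.0.2.2", POST, "-"),                                       # no Referer
    entry("192.0.2.3", POST, "http://other.invalid/page.html"),          # foreign Referer
    entry("192.0.2.4", POST, "http://example.com/wp-comments-post.php"), # Referer = POST URL
    entry("192.0.2.5", POST, "http://example.com/2009/04/some-post/", "-"),  # empty User-Agent
    entry("192.0.2.6", POST, "http://example.com/?p=123"),               # reader, no permalinks
    entry("192.0.2.7", "GET /2009/04/some-post/ HTTP/1.1", "-"),         # not a comment POST
]

if __name__ == "__main__":
    print(redirected_ips(SAMPLE_LOG, "example.com"))
```

In the sample, 192.0.2.4 (Referer equal to the POST URL) passes the original rule but not the revised one, and 192.0.2.6 shows that the revised rule also redirects a genuine commenter on a site without permalinks.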

5 Agent 001 April 7, 2009 at 11:55 pm

Thanks, Peter, for keeping me updated. I liked your tips and wanted others to know about them. Readers will be happy to see you contributing.

6 Make Money Online April 8, 2009 at 1:54 am

Guys, I have around 7000 spam comments in the Akismet folder but I don’t bother checking it. Never checked it cause I know spammers will spam, so no use wasting time because the rate of spam comments is too high and frankly I don’t have that much time to sit and check. Before, I had no captcha, no Akismet installed and I still did not get spam comments; I used to, but they went into awaiting moderation. After I moved to WP 2.7.1, comment moderation did not work so I installed Akismet. So you guys should be happy if you’re getting spam; the more spam you get, the more successful it shows your site is. For e.g. John Chow gets more than 1000 spam comments daily, that’s 30000+ a day. So isn’t it a good thing, LOL. Sorry for the backward thinking!

Make Money Online’s last blog post: Why USB Drives Are So Clever

7 Austin April 8, 2009 at 5:33 am

I’m not really sure why I got so many spam comments. I guess that my blog got entered on a spam list of some sorts, and was continuously spammed from that.

Austin’s last blog post: Learning Methods

8 Tech-Freak Stuff April 8, 2009 at 5:13 pm

Talking about CAPTCHA for comments, I personally think that keeping a tough CAPTCHA discourages people from commenting on blogs!
I often don’t comment on blogs which have a confusing CAPTCHA image.
But a small image is a must, which will stop different scripts from publishing spam comments on the blogs.

9 Agent 001 April 8, 2009 at 10:37 pm

You are right. The CAPTCHA I used was simple. But now I am experimenting with some anti-spam plugins. I hope they help.

10 computer problems April 10, 2009 at 10:13 pm

You removed captcha and now I’m thinking of having captcha on my blog due to the huge amount of spam caught by Akismet.

computer problems’s last blog post: History of computer and Internet
