Get Rid of Splogs Once and For All

Everyone needs help defending themselves against the wicked little robots that roam about creating spam blogs, sometimes by the thousands. Your WPMU installation can quickly become overrun, and deleting these fake users can take hours. This is an unacceptable waste of your time. Getting rid of splogs once and for all depends on where they’re coming from and can sometimes take a combination of methods. You will have to find what works for your WPMU community. We’ve put together a collection of tools, snippets, and plugins from various developers to help you in the ongoing battle against splogs.

Modify Your .htaccess File:

Get Apache working for you and kick them out at the door!

# BEGIN ANTISPAMBLOG REGISTRATION
RewriteEngine On
# Only look at POST requests (form submissions) ...
RewriteCond %{REQUEST_METHOD} POST
# ... aimed at the signup script (the dot is escaped so it matches literally)
RewriteCond %{REQUEST_URI} wp-signup\.php
# Bounce if the Referer is not one of your own pages OR the User-Agent is empty
RewriteCond %{HTTP_REFERER} !.*yourdomain.com.* [OR]
RewriteCond %{HTTP_USER_AGENT} ^$
RewriteRule (.*) http://get-the-heck-out.com/ [R=301,L]
# END ANTISPAMBLOG REGISTRATION

Here’s what you do. Paste that into your .htaccess file and modify “yourdomain.com” to match yours. Then change the “get-the-heck-out.com” link to wherever you want to send those nasty robots. How does it work? It grabs any POST requests that come through your wp-signup.php and kicks them right out if they haven’t been sent from a web page on your WPMU site or if they have an empty user agent string. Keep in mind that both headers are supplied by the client, so a bot can fake them, and a real visitor whose browser or proxy strips the Referer will be bounced too; treat this as a first filter rather than the whole defense. Thank you again to D’arcy Norman for this tip!

Block IP Addresses:

Check your server logs to find out where they’re coming from and block their IP addresses in your .htaccess file:

order allow,deny
deny from 192.168.44.201
deny from 224.39.163.12
deny from 172.16.7.92
allow from all

or block a range of IP addresses:

order allow,deny
deny from 192.168.
deny from 10.0.0.
allow from all
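Finding the addresses to block in the first place, as an added example that is not part of the original post: this Python script parses Apache combined-format access log lines (the sample lines are constructed), applies the same test as the rewrite rule above (a POST to wp-signup.php with no on-site Referer, or an empty User-Agent), counts hits per address and renders deny lines in the style used above. The site domain, the threshold and the sample addresses are assumptions.

```python
import re
from collections import Counter

# Apache "combined" log format: ip ident user [time] "request" status bytes "referer" "ua"
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" '
    r'(?P<status>\d{3}) \S+ "(?P<referer>[^"]*)" "(?P<ua>[^"]*)"$'
)

# Constructed sample log lines (documentation-range addresses, not real traffic).
SAMPLE_LOG = """\
203.0.113.7 - - [10/Oct/2010:13:55:36 -0700] "POST /wp-signup.php HTTP/1.1" 302 512 "-" ""
203.0.113.7 - - [10/Oct/2010:13:55:37 -0700] "POST /wp-signup.php HTTP/1.1" 302 512 "-" ""
203.0.113.7 - - [10/Oct/2010:13:55:38 -0700] "POST /wp-signup.php HTTP/1.1" 302 512 "-" ""
198.51.100.23 - - [10/Oct/2010:13:56:01 -0700] "POST /wp-signup.php HTTP/1.1" 302 512 "http://evil.example/spam" "Mozilla/5.0"
192.0.2.44 - - [10/Oct/2010:13:57:12 -0700] "GET /wp-signup.php HTTP/1.1" 200 4096 "http://yourdomain.com/" "Mozilla/5.0"
192.0.2.44 - - [10/Oct/2010:13:57:40 -0700] "POST /wp-signup.php HTTP/1.1" 302 512 "http://yourdomain.com/wp-signup.php" "Mozilla/5.0"
"""


def is_suspicious(rec, site_domain):
    """Mirror the .htaccess rule: a POST to wp-signup.php whose Referer is
    missing ("-") or off-site, or whose User-Agent is empty."""
    if rec["method"] != "POST" or "wp-signup.php" not in rec["path"]:
        return False
    referer_ok = site_domain in rec["referer"]
    return (not referer_ok) or rec["ua"] == ""


def suspicious_signup_ips(log_text, site_domain, min_hits=1):
    """Return {ip: count} for addresses with at least min_hits suspicious signup POSTs."""
    counts = Counter()
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue  # skip malformed lines instead of aborting the whole scan
        if is_suspicious(m.groupdict(), site_domain):
            counts[m["ip"]] += 1
    return {ip: n for ip, n in counts.items() if n >= min_hits}


def deny_lines(ips):
    """Render 'deny from' lines ready to paste between 'order allow,deny' and 'allow from all'."""
    return ["deny from %s" % ip for ip in sorted(ips)]


if __name__ == "__main__":
    hits = suspicious_signup_ips(SAMPLE_LOG, "yourdomain.com", min_hits=2)
    print("\n".join(deny_lines(hits)))
```

Raise min_hits on a busy site so a single visitor with a Referer-stripping browser does not end up in the deny list.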

Oh yeah and while you’re in there, if they’re hotlinking your images, here’s how you throw down:

RewriteEngine on
# Requests whose Referer is the offending site (case-insensitive) ...
RewriteCond %{HTTP_REFERER} ^http://.*lame-bandwidth-theft.com [NC]
# ... get a 403 Forbidden instead of the file ("-" means no substitution)
RewriteRule .* - [F]

That will give a 403 Forbidden error to anyone trying to hotlink your images on lame-bandwidth-theft.com.

Plugins you can use:

WP Hashcash
This plugin is for WPMU. It gets rid of comment spam and has been modified to work on the signup page.

NoSpamNX
NoSpamNX will automatically add additional form fields which are hidden to the user when interacting with your site’s signup or comment forms. The additional fields are used to identify and block the spambots. You can mark them as spam, block them, put them in a queue for moderation or blacklist them.

Invisible Defender
Similar to NoSpamNX, this plugin adds additional fields with CSS to protect registration, login and comment forms. It performs checks for spambots and returns a 403 Forbidden error to them.

Terms of Service
This plugin can significantly reduce the number of splogs you get. It forces the user to tick a checkbox agreeing to the terms of service before they can continue.

This is a good start. The bots are constantly learning and adapting their tactics to get past your best defenses. Please share any other methods you’ve used to banish splogs and we’ll all work together to continue issuing them death warrants.


Comments (10)

  1. You may be able to use multiple lines of:
    RewriteCond %{HTTP_REFERER} !.*yourdomain.com.* [OR]

    With a different domain on each, but I’m not an expert (or even competent) with rewrite rules so it’s best to test out somewhere safe first.

  2. what if my installation is in a sub-directory, like http://www.domain.com/BP/ ?

    would I do this:

    RewriteCond %{REQUEST_URI} .BP/wp-signup\.php*

    for that line – same for the others?

    …I’m assuming the .htaccess file in /BP/.htaccess has no effect and I need to use the .htaccess up a level, but then I must have to give it some relative locations. If I’m supposed to be using the /BP/.htaccess file, should I change how things point from the top or relative to the .htaccess location?

    Sploggers are taking over our blogs. So far none of the variations on this work – I’m assuming I can test this by navigating directly to mydomain.com/BP/wp-signup.com
