5 Quick and Easy Ways To Stop Blog Spam Before It Hits Your Blog

Posted by

spamUnless your Lisa Picarille from Revenue Magazine ( check the trackbacks on this whoper )you know that you would have to be a idiot to automatically approve all comments and trackbacks on your blog right? Well Even that is a pain in the ass so I made a list of ways to stop the spam before it gets that far.

I have come up with the 5 easiest and best ways to fight comment spam. These are ways to stop spam from ever getting to your blog…. btw if you dont know what akismet is then stop right now and set that up first. This is just to help you stop the spam from even getting the that level. The first 2 require editing of the .htaccess. The rest are wordpress plugins.

5) Deny Access to No Referrer Requests

When humans comment on your blog they have read the post and leave a comment. This of course leaves the referal from your blog. One easy way to block spammers is to check for the referal. Simply paste the lines below into your .htaccess file in the root of your webserver.

RewriteEngine On
RewriteCond %{REQUEST_URI} .wp-comments-post\.php*
RewriteCond %{HTTP_REFERER} !.*shoemoney.com.* [OR] RewriteCond %{HTTP_USER_AGENT} ^$
RewriteRule (.*) ^http://whereyouwanttosendthem.com/$ [R=301,L]

What you need to edit:

RewriteCond %{REQUEST_URI} .wp-comments-post\.php* – If you are not running a wordpress blog then you will want to change that to the file that gets the post for comments.

RewriteCond %{HTTP_REFERER} !.*shoemoney.com.* [OR] – obviously you want this to be your domain.

RewriteRule (.*) ^http://whereyouwanttosendthem.com/$ [R=301,L] – this is where you are redirecting them too. This probably does not matter since the automated spambots will not follow redirects.


4) Kill tor anonymous proxies

Thats cool people want to surf anonymously and all that but being that about 75% of my comments come from tor proxies its much easier just to block them.

simply go here and copy this to your .htaccess to block all the tor servers

3) Stop Comments On Older Posts

Spammers target older posts for 2 reasons.

A) they show up in search engines and thus they know:

  • search engines value the page pr wise
  • it could be relavent to the keyword they are trying to spam

B) You wont see it. – since the post is old its unlikely that you would ever notice thus greater chance of sneaking it by you.

You have a few options to fix this-

You can manually disallow comments for posts after x amount of days (ick)

If you have wordpress you can download this plugin
which will automatically close off comments and trackbacks after 21 days.

If you have some h4x0r skills you can setup a cron job (thats a automated task to us ninjas) that will edit your database directly checking for past posts and setting the comments and

2) Blacklist Repeat Offenders:

When some spammers do get in you can blacklist there ips so they wont ever be able to again… this process does suck a bit but its a option.

Again edit your .htaccess file:

order allow,deny
deny from
deny from 192.168.1.*
allow from all

Remember * represent wildcards

1) Rename your comment file

The default for wordpress is wp-comments-post.php by simply renaming this file to say… wpc.php then changing your theme to reflect the different location for the comment file you will ward off a TON of spammers. This will kill 100% of the automated spam bots.

Your probably saying to yourself… well so what? How could this effect my revenue! Well the answer is all the hardwork and time you have spent building the reputation of your site can be QUICKLY destroyed by giving these spammers NAKID (no link condom) links. You know what they say… Imagine everyone you link to and who they have linked to and who they have linked to …. eek!

A good resource I like to read from time to time is SpamHuntress

174 thoughts on “5 Quick and Easy Ways To Stop Blog Spam Before It Hits Your Blog

  1. Kyle

    Just a couple type-o’s… not sure if you care.

    2nd word in the post should be “you’re”, not “your”.
    2nd bullet under #3 should be “relevant”.

    Please delete (don’t post) this comment.

  2. pk

    Thanks for the advice. I am in the process of setting up a support blog and your post has come at the right time. Cheers!

  3. Caleb

    Hey Shoe,
    Do you have any idea why sites like blogger.com make it so easy for comment spam to happen? Is there a good reason that they haven’t enacted such controls across the board over there? I mean I know it’s not just waving a hand and -poof- they can eliminate it all, but the impression I have is that more could be done. Any thoughts?

  4. Sam

    Why don’t you just use SpamKarma?

    On my blog, it has approved 306 comments, rejected 20,826 spams and asked me only what should be done for 22 messages (which were really borderline and forced me to think about them) in more than one year. And I check my log: it has never sent a legitimate comment to hell.

  5. Chip

    I wonder if it’s helpful to think of #5 as a lightweight Turing test–a way to prove it’s a human and not a bot. That’s what captchas do, but at enormous cost and difficulty. I use a solution that’s probably midway between the two in terms of complexity: forced preview.

  6. steve

    I suggest you make sure you use the correct spelling of “you’re”, especially when you’re insulting someone else 😉

  7. Pingback: DesiPundit » Archives » Prevent Comment Spam on Wordpress Blogs

  8. karmadude

    Just what I was looking for, thanks for the cool tips. Now if the spammers are reading this, I wonder, how long before they figure out ways around these tips.

  9. Daniel Lowe

    I just have a field on my site that says “To combat comment spam, please enter the word ‘elbow’ in this field.” It works 100% of the time, and if someone automates it, I’ll just change the word.

  10. Stu

    On my blog the comments have a subject, I found that almost all spammers will put the same name as subject, so simply denying that prevents a great deal of spam.

  11. Arne

    “5) Deny Access to No Referrer Requests”

    I read this post via Mozilla Thunderbird and that certainly didn’t send a referrer. I guess I’m not welcome here when you wouldn’t want me to post. :p

  12. FyreGoddess

    Before I had image verification on my blog, I had problems with spam. Akismet is good, but it’s not flawless, so certain spam would get through, likewise, certain legit comments would wind up in the Akismet blocked list. Since I didn’t want to go through the hassle of always having to go through hundreds of spam comments, I just added a verification plug-in.

    Some of my handful of readers may not like it, but they cope, and I no longer have *any* spam. I turned off Akismet so it would stop with the false positives.

    Robots can’t read images and it’s much less work on the admin end of things.

  13. Pingback: pcn | paulchiu.net » Blog Archive » Stopping blog spam

  14. Don Messerli

    I’m running WordPress and have it set so that a user must be logged-in to post a comment. I’m getting spam comments from non-users. How can this happen?

  15. kwa

    Revenue Magazine appears to use b2evolution for their blogs. That blogging tool has been known for very bad support for anti-spam plug-ins.

    Now, about your toughts, I would like to comment those :

    5) Deny Access to No Referrer Requests

    I’ve already seen some visitors using privacy protection tools removing their browser’s referrer information, making it empty or modified. Preventing those people from commenting your blog appears to lead to block false positives.

    4) Kill tor anonymous proxies

    Using DNS BLs and so also leads to false positives. Hijacked computers are often used as anonymous proxies or identified as such. However, these computers also often use dynamic IP addresses, so the next Internet user having the same IP address a couple of days laters might be blocked. I encountered a false positive on a blog where the user was unable to post comments, while the user was previously known as for commenting my blog.

    1) Rename your comment file

    I haven’t seen any change in spamming load after renaming my comment file. Spammers came back in hours.

    Don’t forget the .htaccess file is parsed for every file open by your web server. Once I had a .htaccess file full of anti-spam techniques (about 3.000 lines of spamming referrers and open proxy IPs), 80% of a page load was spent by the server to parse the .htaccess file…

  16. Pingback: AlbanyWiFi.com » Blog Archive » 5 Quick and Easy Ways To Stop Blog Spam Before It Hits Your Blog

  17. Pingback: DailyHitsBlog.com » 30/9 - Stop Spam for Your Site

  18. Pingback: How to prevent comment spam with htaccess at Personal Babblishing

  19. Greg

    Here is a little secret. One of the major spam programs has some generic built in searches for Google. Here is the MAIN thing it searches for (not in quotes):

    powered by wordpress
    welcome to wordpress

    So get rid of those phrases at the bottom of your site and the spam will go down a bit. Keywords can be added to vay the search but those at the top of the SE will be getting hammered with spam. I am guessing other spam bots look for similar generic wordpress text. :)

  20. John_Loch

    I’ve read these tips before. They’ve been around for eons. And unfortunately they don’t count for squat. They can all be dealt with using automata VERY easily, and are bypassed every day.

    The ONLY way to be certain you’re going to nail it automatically, is to use CAPTCHAS. And quite frankly, its far more cost effective than banning from blacklists… Oh no, lookout.. SHOEMONEY CAPTCHA BANNERS.. made spcially for mini-me’s 😉

  21. Steve D.

    I guess my comment is somewhat inline with KWA’s. I understand the need to fight spam, and you’ve got some great ideas, but it seems a shame to disallow anyone using the tor servers…especially with the tor version of firefox out there now. Just my two cents.


  22. stu

    if you look it only blocks post requests, normal robots don’t post to your blog at least not the ones i’ve seen.

  23. Shane

    I’ve been using Spam Karma on many blogs for several months now and couldn’t be happier. You just install it and activate it. That’s it. It’s stopped thousands of spams, only let one through, and only blocked a couple of legitimate comments.

    I can’t imagine anything better.

  24. Pingback: Improve Your Wordpress Spam Protection - Design Notes: A CSS Web Designer’s Blog

  25. Pingback: SEO-Vault » 5 einfache Wege um Blog Spam zu verhindern

  26. Pingback: EveryDigg » Blog Archive » 5 Quick And Easy Ways To Stop Blog Spam BEFORE it gets to your blog

  27. Pingback: Its Great to Be Famous… - Big Brush Media SEM Blog

  28. Pingback: zvonko.biz - 5 ?по?обов напи?ать отличный ?пам

  29. Pingback:   5 ?по?обов напи?ать отличный ?пам - Домашн?? ?траница SEO

  30. Pingback: Webiz Today » Stop Spam - Tips

  31. Pingback: Tips on Fighting Forum Spam

  32. Pingback: The 9 Personality Types of a Comment Spammer « Shaun Says:

  33. Pingback: How to Stop Forum Spam « SEO Blog | Search Engine Optimization Blog

  34. Pingback: iCan Marketing | » Setting up shop

  35. Pingback: Getting settled in - ghoti’s place - you say potato, i say ghoughpteighbteau.

  36. Pingback: 50 Helpfull Blogging Resources » Dee’s-Planet! Blog

  37. Pingback: I have arrived....my blog was spammed! - WickedFire - Internet Marketing Affiliate Webmaster Forum

  38. Pingback: 50 ре?ур?ов дл? блоггера… « Блог Серёжи Борзова

  39. Pingback: /dev/random » Blog Archive » Blogspam

  40. Pingback: Lutter contre le spam at Sam Le Tam Tam

  41. Pingback: PHP - How to prevent comment SPAM? - Webmaster Forum

  42. Svetoslav Marinov


    you are blocking LAN IPs this is just an example right ?

    order allow,deny
    deny from
    deny from 192.168.1.*
    allow from all

    .htaccess file should be regularly updated to prevent SPAM attack.


  43. coffee

    Deny Access to No Referrer Request

    I know I’m a little late to the party, but, was reading through older posts here and found the above tid-bit.

    I have to say that this *may* not be a good idea. I do much programming with “widgets” on third party sites, and the widgets are heavy users of the referrer. One thing that I’ve discovered is that ad blocking software on browsers tend to not send a referrer. Also, some personal firewals (try Microsofts default firewarl) tend to block the referrer.

    This is a lame attempt to solve the problem of viewing ad’s on a site, but one deployed none the less.

    If you block no referrers you may be blocking VALID attempts for access.

    –Random comment :)

  44. Pingback: Die Spammers! Die! « John Chow dot Com

  45. Pingback: How to Stop Comments Spams~ at m3nghua.com

  46. Pingback: Promote Your Websites » Blog Archive » Blogging resources

  47. Pingback: Cinco maneiras fáceis de acabar com o SPAM no seu blog | TNow

  48. Pingback: Five Easy Steps to Stop Blog Spam | Blog Posts

  49. mike

    A client contacted me a few days ago and requested that I add a few additional SPAM impediments to his WordPress blog. These improvements were based on a post over at Shoe Money that has some excellent pointers

  50. Pingback: Stuff by Sarah » Zero Comment Spam

  51. Pingback: 50 All Time favorite blogging resources » A blog you can use!

  52. Pingback: How to Stop Comments Spams~ at M3nghua.com

  53. Pingback: 16 Must Read Articles To Get The Most Out Of Your Blog

  54. Pingback: Evsionlab.com » 16 Must Read Articles For Bloggers

  55. Pingback: 16 Must Read Articles For Bloggers » TheHindiMusic.com

  56. Pingback: 16 Must Read Articles For Bloggers » ddl9.freehostia.com

  57. Pingback: Hong Xiaowan's Studio

  58. Pingback: Tips: Blogging like the Pros | krakoo.com

  59. Pingback: 吴智勇的博客 | 我喜欢的50个博客资源

  60. Pingback: Consejos para combatir el spam en foros. | Blog de posicionamiento en buscadores y e-marketing

  61. Pingback: payday loan cash fast loan payday

  62. Pingback: kostenlose casinospiele

  63. Pingback: 16 Must Read Articles For Bloggers «

  64. Pingback: card christian consolidation credit debt credit card debt credit card debt consolidation program

  65. Pingback: Хочу все знать » Blog Archive » 50 ресурсов для блоггера…

  66. aspeseeKigree

    If anyone is looking for a no nonsense way to make money fast, these guys are the best
    it took me a few days to get going, but they were very helpful. Two weeks in and i just
    got my first $1,000 check. This works by spreading the word, so I’m spreading the word.

    Check it out here: http://www.17getmoney.info

  67. Pingback: Bookmarks of the Day - Buzzsonic.com

  68. Pingback: Top 50 artikelen over blogging - Frankwatching

  69. Pingback: No More Comment Spam! 46+ Free Tools and Resources to Stop Blog Spammers | Virtual Hosting Blog

  70. Blog spam expert

    Given some of the comments on this blog your spam filters could do with some tightening! Spam is like an arms race – the more defences you put up the more effort spammers will put into cicumnavigating you.

    The trick is to use a range of different techniques – IP blocking, response tokens, keyword filtering, etc.

    I also think that tools such as WordPress provide pretty poor spam support all told. Askimet helps, but they could do more with their basic comments template to help deter spammers.

  71. Chuck

    Hello Sir,

    I have a question please. Could you tell me where within my htaccess file I place the list of anon proxies list? I use wordpress and I don’t know if that list goes before the standard wordpress htaccess stuff, or after it. Thank you

  72. Pingback: 我喜欢的50个英文博客资源 | SEO Maven -公益性的英文SEO搜索引擎优化,搜索引擎营销SEO博客。

  73. Helga

    Hello, nice site look this:
    http://bestfreeporn.gofreeserve.com/free-black-woman-porno-clips.html||free black woman porno clips
    http://bestfreeporn.gofreeserve.com/free-full-lenght-pornos.html||free full lenght pornos
    http://bestfreeporn.gofreeserve.com/watch-awsome-free-porno-online.html||watch awsome free porno online
    http://bestfreeporn.gofreeserve.com/free-porno-tube-streams.html||free porno tube streams
    http://bestfreeporn.gofreeserve.com/free-long-playing-older-women-porno-videos.html||free long playing older women porno videos
    http://bestfreeporn.gofreeserve.com/free-online-porno-games.html||free online porno games
    http://bestfreeporn.gofreeserve.com/free-hardcore-exclusive-kanye-west-bisexual-porno-galleries.html||free hardcore exclusive kanye west bisexual porno galleries
    http://bestfreeporn.gofreeserve.com/porno-free-pictures.html||porno free pictures
    http://bestfreeporn.gofreeserve.com/free-porno-thumb-movies.html||free porno thumb movies
    http://bestfreeporn.gofreeserve.com/free-young-foreign-porno-videos.html||free young foreign porno videos

    Nu kogda ge,kogda uge!!!

  74. Seth Haeuser

    hello, Thank You for this blog. we are reading at blogs to see how others are running them and how they look. Thought i’d post “Good Looking”

  75. Add your Site

    I think we are just redesigning what a business plan is or maybe I really am not sure what a business plan is. But if you are building a powerpoint on how your company is going to make a ton of money and you need to invest in me. To me that is a business plan. So you need some structure.

  76. Pingback: My best seo resource(50 blogging resources) | r4 card && ps3 jailbreak

  77. Tanner

    WOW!!! Im soo glad I just read this post, I get so many spam comments on one of my blogs about baby clothing Its super annoying. I cant wait to change my comments file name (stupid spam bots!) Thanks for the info. Jeremy!!!

  78. seobridging

    The Quick and Easy Ways To Stop Blog Spam Before It Hits Your Blog sure, it’s focused on blogs, but there are some great tips for forum owners in general if you don’t mind getting . Thanks for sharing info.

  79. Pingback: Free Blog Resources | My Blog

  80. mra

    Really these info are great. So many great tips are available online but only the people like shoemoney can bring them to their user. Thanks for this to check the spammers on blog comment.

  81. GolfFitness

    In wordpress, there is a file that named wp-comments-post.php. To stop blog spam from hitting your blog, you need to change the file name to something else like wpc.php. Then you have to change your theme to reflect the new location of wordpress comments file. It will kill 100% automated spam bots.

  82. Gibson

    Thank you for the wonderful and insightful post, will definitely be recommending your blog to my friends – My hubby is actually into this kind of thing, he’ll be chuffed! 😀

  83. Spam Terminator Level 1

    Why is there so much spam on your site- about how to block spam automatically? I know that it’s extremely easy to go back and remove them, especially if they show up on the last page (first page read)… what’s up? do these techniques no longer work? I don’t expect you to publish this, just wanted to ask and alert you that there is 10+ spam messages for everything from teens making money online to viagra (but not viagra?) lol… kudos for trying to help the little guys defend against the goliath spam bots :) – that is all- Please pull up to the next window and pay the cashier.

  84. Rodney

    Those are some great tips.. You can also make your post nofollow.. most blogs already come like that tho, ex. Blogger…

  85. James

    How ironic that there is so much spam on this post. I can only imagine the amount that you have to deal with on a daily basis.

    I love the idea of renaming the comment field from the default wordpress one. I’ll have to try that out.

  86. Inboxnetbiz

    Wow, great post. I thought spamming existed in emails only since they use autoresponders. Wonder how they can spam blogs too? Your post certainly enlightenment on the technicals of how it works.

  87. Pingback: Ways To Stop Stuttering In Children | Kill Your Stutter

  88. Pingback: Easy Ways To Conserve Gas While Driving « Can You Be Sure….

  89. Pingback: m2m media » Why All Internet Marketers Need To Be Religious | m2m media

  90. Pingback: Mass Tweet

  91. Pingback: Make Money With Glenn Beck (no really) » M2M Media

  92. Pingback: Make Money With Glenn Beck (no really) | m2m media

  93. Pingback: My social ROI by network | m2m media

  94. Pingback: Adet Gecikmesi ? » Answers Archive » Only individual proj

  95. Search

    I really like what you guys are usually up too. This sort of clever work and coverage! Keep up the fantastic works guys I’ve incorporated you guys to my own blogroll.

  96. Pingback: How to avoid forum spam » GoldBuxer Blog

  97. ray ban sunglasses

    As classic as they come, these iconic Ray-ban shades will keep your little one’s peepers looking cool and protected. With a partial metal frame and black plastic arms, the distinctive branding on the right lens complete the accessory for a timeless summer look.

  98. cheap sunglasses

    When you are enthusiastic about finding out much more about classy metallic clutches, browse right select your choice. Examine this source to understand the way all these cool and trendy wholesale handbags donate the style enterprise.

  99. urgent payday loans

    The loanword sum can be returned back a course in some new spot I have ne’er heard of, and thither’s no map to
    find out where it is. fast payday loans uk The lender will reappraisal your loanword application program and
    you exist.””Censorship reflects a society’s lack of authority in itself.

Comments are closed.