spamUnless your Lisa Picarille from Revenue Magazine ( check the trackbacks on this whoper )you know that you would have to be a idiot to automatically approve all comments and trackbacks on your blog right? Well Even that is a pain in the ass so I made a list of ways to stop the spam before it gets that far.

I have come up with the 5 easiest and best ways to fight comment spam. These are ways to stop spam from ever getting to your blog…. btw if you dont know what akismet is then stop right now and set that up first. This is just to help you stop the spam from even getting the that level. The first 2 require editing of the .htaccess. The rest are wordpress plugins.

5) Deny Access to No Referrer Requests

When humans comment on your blog they have read the post and leave a comment. This of course leaves the referal from your blog. One easy way to block spammers is to check for the referal. Simply paste the lines below into your .htaccess file in the root of your webserver.

RewriteEngine On
RewriteCond %{REQUEST_METHOD} POST
RewriteCond %{REQUEST_URI} .wp-comments-post\.php*
RewriteCond %{HTTP_REFERER} !.*shoemoney.com.* [OR]
RewriteCond %{HTTP_USER_AGENT} ^$
RewriteRule (.*) ^http://whereyouwanttosendthem.com/$ [R=301,L]

What you need to edit:

RewriteCond %{REQUEST_URI} .wp-comments-post\.php* – If you are not running a wordpress blog then you will want to change that to the file that gets the post for comments.

RewriteCond %{HTTP_REFERER} !.*shoemoney.com.* [OR] – obviously you want this to be your domain.

RewriteRule (.*) ^http://whereyouwanttosendthem.com/$ [R=301,L] – this is where you are redirecting them too. This probably does not matter since the automated spambots will not follow redirects.

Done!

4) Kill tor anonymous proxies

Thats cool people want to surf anonymously and all that but being that about 75% of my comments come from tor proxies its much easier just to block them.

simply go here and copy this to your .htaccess to block all the tor servers

3) Stop Comments On Older Posts

Spammers target older posts for 2 reasons.

A) they show up in search engines and thus they know:

  • search engines value the page pr wise
  • it could be relavent to the keyword they are trying to spam

B) You wont see it. – since the post is old its unlikely that you would ever notice thus greater chance of sneaking it by you.

You have a few options to fix this-

You can manually disallow comments for posts after x amount of days (ick)

If you have wordpress you can download this plugin
which will automatically close off comments and trackbacks after 21 days.

If you have some h4x0r skills you can setup a cron job (thats a automated task to us ninjas) that will edit your database directly checking for past posts and setting the comments and

2) Blacklist Repeat Offenders:

When some spammers do get in you can blacklist there ips so they wont ever be able to again… this process does suck a bit but its a option.

Again edit your .htaccess file:

order allow,deny
deny from 192.168.1.1
deny from 192.168.1.*
allow from all

Remember * represent wildcards

1) Rename your comment file

The default for wordpress is wp-comments-post.php by simply renaming this file to say… wpc.php then changing your theme to reflect the different location for the comment file you will ward off a TON of spammers. This will kill 100% of the automated spam bots.

Your probably saying to yourself… well so what? How could this effect my revenue! Well the answer is all the hardwork and time you have spent building the reputation of your site can be QUICKLY destroyed by giving these spammers NAKID (no link condom) links. You know what they say… Imagine everyone you link to and who they have linked to and who they have linked to …. eek!

A good resource I like to read from time to time is SpamHuntress

By Jeremy Schoemaker

Jeremy "ShoeMoney" Schoemaker is the founder & CEO of ShoeMoney Media Group, and to date has sold 6 companies and done over 10 million in affiliate revenue. In 2013 Jeremy released his #1 International Best selling Autobiography titled "Nothing's Changed But My Change" - The ShoeMoney Story. You can read more about Jeremy on his wikipedia page here.

127 thoughts on “5 Quick and Easy Ways To Stop Blog Spam Before It Hits Your Blog”
  1. Just a couple type-o’s… not sure if you care.

    2nd word in the post should be “you’re”, not “your”.
    2nd bullet under #3 should be “relevant”.

    Please delete (don’t post) this comment.

  2. Thanks for the advice. I am in the process of setting up a support blog and your post has come at the right time. Cheers!

  3. Thanks for the tips. When I start getting enough traffic and interest in my blog that people are leaving comments on my posts, I will certainly implement those tips.

  4. Hey Shoe,
    Do you have any idea why sites like blogger.com make it so easy for comment spam to happen? Is there a good reason that they haven’t enacted such controls across the board over there? I mean I know it’s not just waving a hand and -poof- they can eliminate it all, but the impression I have is that more could be done. Any thoughts?

  5. Awesome tips Shoe! I’ve been using Akismet (which works great), but I am definintely going to try out a couple of these tips…

  6. Why don’t you just use SpamKarma?

    On my blog, it has approved 306 comments, rejected 20,826 spams and asked me only what should be done for 22 messages (which were really borderline and forced me to think about them) in more than one year. And I check my log: it has never sent a legitimate comment to hell.

  7. I wonder if it’s helpful to think of #5 as a lightweight Turing test–a way to prove it’s a human and not a bot. That’s what captchas do, but at enormous cost and difficulty. I use a solution that’s probably midway between the two in terms of complexity: forced preview.

  8. I suggest you make sure you use the correct spelling of “you’re”, especially when you’re insulting someone else 😉

  9. […] Shoemoney, one of the most recognized face in the SEO universe, has written five 5 simple tips to stop spammers from targetting your blog. His suggestions includes disabling comments on old blog posts as they are the most frequent targets of comment spam because of two reasons: A) they show up in search engines B) You wont see it. – since the post is old its unlikely that you would ever notice thus greater chance of sneaking it by you. […]

  10. Just what I was looking for, thanks for the cool tips. Now if the spammers are reading this, I wonder, how long before they figure out ways around these tips.

  11. I just have a field on my site that says “To combat comment spam, please enter the word ‘elbow’ in this field.” It works 100% of the time, and if someone automates it, I’ll just change the word.

  12. On my blog the comments have a subject, I found that almost all spammers will put the same name as subject, so simply denying that prevents a great deal of spam.

  13. “5) Deny Access to No Referrer Requests”

    I read this post via Mozilla Thunderbird and that certainly didn’t send a referrer. I guess I’m not welcome here when you wouldn’t want me to post. :p

  14. Before I had image verification on my blog, I had problems with spam. Akismet is good, but it’s not flawless, so certain spam would get through, likewise, certain legit comments would wind up in the Akismet blocked list. Since I didn’t want to go through the hassle of always having to go through hundreds of spam comments, I just added a verification plug-in.

    Some of my handful of readers may not like it, but they cope, and I no longer have *any* spam. I turned off Akismet so it would stop with the false positives.

    Robots can’t read images and it’s much less work on the admin end of things.

  15. You forgot the most important (and easiest) way for eliminating (in my case) literally 100% of all spam I was getting.

    (drumroll please)
    Akismet

  16. Hey Jeremy, can you share what kind of referral traffic you’re getting from Digg and Del.icio.us?

  17. […] Recently I have been getting about 100 spam posts a day on my blog, it is getting annoying to the point that I simply ignore all comment posted notification e-mails and just check for valid comments once a week. Shoemoney has written a very informative article on simple ways to stop blog spam and I have implemented 2 of the 5 htaccess updates he recommends. […]

  18. I’m running WordPress and have it set so that a user must be logged-in to post a comment. I’m getting spam comments from non-users. How can this happen?

  19. Revenue Magazine appears to use b2evolution for their blogs. That blogging tool has been known for very bad support for anti-spam plug-ins.

    Now, about your toughts, I would like to comment those :

    5) Deny Access to No Referrer Requests

    I’ve already seen some visitors using privacy protection tools removing their browser’s referrer information, making it empty or modified. Preventing those people from commenting your blog appears to lead to block false positives.

    4) Kill tor anonymous proxies

    Using DNS BLs and so also leads to false positives. Hijacked computers are often used as anonymous proxies or identified as such. However, these computers also often use dynamic IP addresses, so the next Internet user having the same IP address a couple of days laters might be blocked. I encountered a false positive on a blog where the user was unable to post comments, while the user was previously known as for commenting my blog.

    1) Rename your comment file

    I haven’t seen any change in spamming load after renaming my comment file. Spammers came back in hours.

    Don’t forget the .htaccess file is parsed for every file open by your web server. Once I had a .htaccess file full of anti-spam techniques (about 3.000 lines of spamming referrers and open proxy IPs), 80% of a page load was spent by the server to parse the .htaccess file…

  20. Wait a minute:

    Aren’t you going to deny access to ALL robots because they don’t send referrer? I would not do that.

  21. […] Link here. […]

  22. […] 30/9 – Stop Spam for Your Site September 30, 2006 […]

  23. […] via Black Hat SEO (equals spammer?) Mr. Shoemoney (i guess he knows best) […]

  24. Here is a little secret. One of the major spam programs has some generic built in searches for Google. Here is the MAIN thing it searches for (not in quotes):

    powered by wordpress
    welcome to wordpress

    So get rid of those phrases at the bottom of your site and the spam will go down a bit. Keywords can be added to vay the search but those at the top of the SE will be getting hammered with spam. I am guessing other spam bots look for similar generic wordpress text. 🙂

  25. I’ve read these tips before. They’ve been around for eons. And unfortunately they don’t count for squat. They can all be dealt with using automata VERY easily, and are bypassed every day.

    The ONLY way to be certain you’re going to nail it automatically, is to use CAPTCHAS. And quite frankly, its far more cost effective than banning from blacklists… Oh no, lookout.. SHOEMONEY CAPTCHA BANNERS.. made spcially for mini-me’s 😉

  26. I guess my comment is somewhat inline with KWA’s. I understand the need to fight spam, and you’ve got some great ideas, but it seems a shame to disallow anyone using the tor servers…especially with the tor version of firefox out there now. Just my two cents.

    -Steve

  27. if you look it only blocks post requests, normal robots don’t post to your blog at least not the ones i’ve seen.

  28. I’ve been using Spam Karma on many blogs for several months now and couldn’t be happier. You just install it and activate it. That’s it. It’s stopped thousands of spams, only let one through, and only blocked a couple of legitimate comments.

    I can’t imagine anything better.

  29. Akismet absolutely rocks! I’ll have to try your other stuff, too, but Akismet is simply a great gateguard.

  30. […] A client contacted me a few days ago and requested that I add a few additional SPAM impediments to his WordPress blog. These improvements were based on a post over at Shoe Money that has some excellent pointers. […]

  31. […] Danke an Shoemoney: 5 Quick and Easy Ways To Stop Blog Spam Before It Hits Your Blog […]

  32. EveryDigg » Blog Archive » 5 Quick And Easy Ways To Stop Blog Spam BEFORE it gets to your blog says:

    […] A great list of easy ways to stop comment spam before it ever hits your blog.read more | digg story […]

  33. […] October keith.schilling09:29 amAdd comment No not me..but its funny how well known SEO gurus can play off one another.  Take for example Shoemoney’s post on defeating comment spam on blogs.  Then you have Jaimie shooting back with how to get away with spam.  Both have diggs to drive traffic to their sites…both great at making them link baits. […]

  34. zvonko.biz - 5 Ñ?поÑ?обов напиÑ?ать отличный Ñ?пам says:

    […] ЕÑ?ли shoemoney пишет про то как Ñ?пам оÑ?тановить, Ñ? напишу про то, каким образом его можно продолжить. Ð?е поймите менÑ? превратно. Я ненавижу Ñ?пам, кроме тех Ñ?лучаев, когда он Ñ?мешит или впечатлÑ?ет менÑ?. И поÑ?кольку дни идут, и вÑ?е больше людей менÑ? читает, Ñ? заметил, что количеÑ?тво Ñ?памеров, обращающих на менÑ? внимание, неуклонно раÑ?тет. […]

  35.   5 Ñ?поÑ?обов напиÑ?ать отличный Ñ?пам - ДомашнÑ?Ñ? Ñ?траница SEO says:

    […] Ð?емного Ñ?умбурнаÑ? но забавнаÑ? и, может быть даже в чем-то полезнаÑ?, Ñ?татьÑ? про Ñ?пам в блоги. ЗатрагиваетÑ?Ñ? тема Ñ?оциальной инженерии в Ñ?паме. ЕÑ?ли shoemoney пишет про то как Ñ?пам оÑ?тановить, Ñ? напишу про то, каким образом его можно продолжить. Ð?е поймите менÑ? превратно. Я ненавижу Ñ?пам, кроме тех Ñ?лучаев, когда он Ñ?мешит или впечатлÑ?ет менÑ?. И поÑ?кольку дни идут, и вÑ?е больше людей менÑ? читает, Ñ? заметил, что количеÑ?тво Ñ?памеров, обращающих на менÑ? внимание, неуклонно раÑ?тет.   Ð?айдено на:   zvonko.biz Ваша оценка:    (ГолоÑ?ов пока нет)  Loading … 10 отговорок заказчика, которые должен знать каждый фриланÑ?ер ← → […]

  36. […] 2. 5 Quick and Easy Ways To Stop Blog Spam Before It Hits Your Blog – sure, it’s focused on blogs, but there are some great tips for forum owners in general if you don’t mind getting your hands dirty with .htaccess […]

  37. […] 2. 5 Quick and Easy Ways To Stop Blog Spam Before It Hits Your Blog – sure, it’s focused on blogs, but there are some great tips for forum owners in general if you don’t mind getting your hands dirty with .htaccess […]

  38. […] I think that pretty much sums up all the spammers on the internet with advertisement crap or those stupid kids / foreigners. If you want to protect your blog from these stupid spammers aswell id suggest you read this article I found: ‘5 Quick and Easy Ways To Stop Spam Before It Hits Your Blog’. Have fun blogging =) […]

  39. […] How to Prevent Blog Spam Before it Happens […]

  40. Deny Access to No Referrer Request

    I know I’m a little late to the party, but, was reading through older posts here and found the above tid-bit.

    I have to say that this *may* not be a good idea. I do much programming with “widgets” on third party sites, and the widgets are heavy users of the referrer. One thing that I’ve discovered is that ad blocking software on browsers tend to not send a referrer. Also, some personal firewals (try Microsofts default firewarl) tend to block the referrer.

    This is a lame attempt to solve the problem of viewing ad’s on a site, but one deployed none the less.

    If you block no referrers you may be blocking VALID attempts for access.

    –Random comment 🙂

  41. Great tips! But my site is so small that i dont have much trouble with spam 😀 In the future i’ll implement these. Thanks

  42. A client contacted me a few days ago and requested that I add a few additional SPAM impediments to his WordPress blog. These improvements were based on a post over at Shoe Money that has some excellent pointers

  43. […] Blog Launch Scobleizer – Robert Scoble’s blog, one of the authors of Naked Conversations. 5 Quick and Easy Ways To Stop Blog Spam Before It Hits Your Blog – Shoe Money breaks down how to fight spam before it hits. 10 Techniques to Get More Comments on […]

  44. […] your new comment file and hit it. There are other solutions besides this one. Shoemoney had written these solutions quite some time ago and they do work. You should read it. Other than that, you should install this […]

  45. […] 5 Quick and Easy Ways To Stop Blog Spam Before It Hits Your BlogJeremy Schoemaker (Shoemoney) […]

  46. I indiviudally approve every comment, but I don’t get hundreds of comments a day like you do.

  47. Thanks for this informations. yararli bilgiler icin cok tesekkurler. (escuse me my english is bad.)

  48. This is a nice post about book Gift cards and its a very needed information.
    Thanks for such an important post.
    Thanks

  49. Thanks for the tips. After searching for information about this topic I must say this is straight to the point. Very useful.

  50. Интересно. Значит надо какие-нибудь поправки вносить.

  51. […] 5 Quick and Easy Ways to Stop Blog Spam Before It Hits Your Blog: This uber-popular article gives bloggers detailed directions for blocking comment spam before it overwhelms your site. […]

  52. Given some of the comments on this blog your spam filters could do with some tightening! Spam is like an arms race – the more defences you put up the more effort spammers will put into cicumnavigating you.

    The trick is to use a range of different techniques – IP blocking, response tokens, keyword filtering, etc.

    I also think that tools such as WordPress provide pretty poor spam support all told. Askimet helps, but they could do more with their basic comments template to help deter spammers.

  53. Hello Sir,

    I have a question please. Could you tell me where within my htaccess file I place the list of anon proxies list? I use wordpress and I don’t know if that list goes before the standard wordpress htaccess stuff, or after it. Thank you

    1. Sure, spam is a pain. I often think, why the heck people spend so much time putting out this rubbish. Nice blog.

  54. This kind of thing needs to be stopped before it gets out of hand. So good work for posting about it.

  55. I can look for the reference to a site on which there is a lot of information on this question.

  56. hello, Thank You for this blog. we are reading at blogs to see how others are running them and how they look. Thought i’d post “Good Looking”

  57. Earning money on the internet is often hard at first but Its those that be persistant to it that always succeed.

  58. I really enjoy what you write on here. I try and visit your blog every day so keep up the good writing!

  59. I think we are just redesigning what a business plan is or maybe I really am not sure what a business plan is. But if you are building a powerpoint on how your company is going to make a ton of money and you need to invest in me. To me that is a business plan. So you need some structure.

  60. […] Launch Scobleizer – Robert Scoble’s blog, one of the authors of Naked Conversations. 5 Quick and Easy Ways To Stop Blog Spam Before It Hits Your Blog – Shoe Money breaks down how to fight spam before it hits. 10 Techniques to Get More Comments […]

  61. Your posts help me many times to take good decisions. Thanks – ED Levitra, Pharmacist from Washington

  62. WOW!!! Im soo glad I just read this post, I get so many spam comments on one of my blogs about baby clothing Its super annoying. I cant wait to change my comments file name (stupid spam bots!) Thanks for the info. Jeremy!!!

  63. The Quick and Easy Ways To Stop Blog Spam Before It Hits Your Blog sure, it’s focused on blogs, but there are some great tips for forum owners in general if you don’t mind getting . Thanks for sharing info.

  64. […] 5 Quick and Easy Ways To Stop Blog Spam Before It Hits Your Blog – Shoe Money breaks down how to fight spam before it hits. […]

  65. Really these info are great. So many great tips are available online but only the people like shoemoney can bring them to their user. Thanks for this to check the spammers on blog comment.

  66. How are you getting on using wordpress? I suck at html and coding so for me wordpress has been a god send.

  67. Earning money on the internet is often hard at firtst but. Its those that be persistant to it that always succeed

  68. In wordpress, there is a file that named wp-comments-post.php. To stop blog spam from hitting your blog, you need to change the file name to something else like wpc.php. Then you have to change your theme to reflect the new location of wordpress comments file. It will kill 100% automated spam bots.

  69. Thanks for sharing shoe!

    Do you know if the proxy blacklist gets updated daily, weekly or monthly?

  70. Thank you for the wonderful and insightful post, will definitely be recommending your blog to my friends – My hubby is actually into this kind of thing, he’ll be chuffed! 😀

  71. Why is there so much spam on your site- about how to block spam automatically? I know that it’s extremely easy to go back and remove them, especially if they show up on the last page (first page read)… what’s up? do these techniques no longer work? I don’t expect you to publish this, just wanted to ask and alert you that there is 10+ spam messages for everything from teens making money online to viagra (but not viagra?) lol… kudos for trying to help the little guys defend against the goliath spam bots 🙂 – that is all- Please pull up to the next window and pay the cashier.

  72. Those are some great tips.. You can also make your post nofollow.. most blogs already come like that tho, ex. Blogger…

  73. Wow this is pretty awesome stuff. I am starting to get hit hard on some posts. I will look into some of these now.

  74. How ironic that there is so much spam on this post. I can only imagine the amount that you have to deal with on a daily basis.

    I love the idea of renaming the comment field from the default wordpress one. I’ll have to try that out.

  75. Wow, great post. I thought spamming existed in emails only since they use autoresponders. Wonder how they can spam blogs too? Your post certainly enlightenment on the technicals of how it works.

  76. […] 5 Quick and Easy Ways To Stop Blog Spam Before It Hits Your Blog […]

  77. […] 5 Quick and Easy Ways To Stop Blog Spam Before It Hits Your Blog […]

  78. […] 5 Quick and Easy Ways To Stop Blog Spam Before It Hits Your Blog […]

  79. […] 5 Quick and Easy Ways To Stop Blog Spam Before It Hits Your Blog […]

  80. […] Only individual projects such as Manulife TEDA and Societe Generale global participation,doudoune moncler, many companies in the completion of additional shares quickly after diving,moncler outlet, the average stock fund positions for 82,moncler.But she did not thin,doudoune moncler,Investment earnings thousand times ,moncler,Man 50000 yuan for his girlfriend to buy 10001 ros,008 yuan ,moncler outlet, an increase of 14%,moncler,35the afternoon of D. consumer stocks. in a speech at the same time ,61 fund companies in 9 gallons , with a substantial increase in the proportion of space,120 people take turns to look after the burst coma female co.Another fund according to the insiders,This means that the medical engineering institute is expected in May this year prior to incorporation into the group of traditional Chinese medicine. the latest news pointed out,72%.120 people take turns to look after the burst coma female co […]

  81. I really like what you guys are usually up too. This sort of clever work and coverage! Keep up the fantastic works guys I’ve incorporated you guys to my own blogroll.

  82. As classic as they come, these iconic Ray-ban shades will keep your little one’s peepers looking cool and protected. With a partial metal frame and black plastic arms, the distinctive branding on the right lens complete the accessory for a timeless summer look.

  83. When you are enthusiastic about finding out much more about classy metallic clutches, browse right select your choice. Examine this source to understand the way all these cool and trendy wholesale handbags donate the style enterprise.

  84. The loanword sum can be returned back a course in some new spot I have ne’er heard of, and thither’s no map to
    find out where it is. fast payday loans uk The lender will reappraisal your loanword application program and
    you exist.””Censorship reflects a society’s lack of authority in itself.

  85. A blog like yours ought to be earning much money from adsense.

Comments are closed.