Comment Spam

It seems like the user-agent for the robot is Mozilla/4.0 (compatible; MSIE 5.5; Windows 98; Win 9x 4.90)
This code in my .htaccess has done the trick for me:
SetEnvIfNoCase User-Agent “^Mozilla\/4.0 \(compatible; MSIE 5.5; Windows 98; Win 9x 4.90\)” denyThis
<Limit GET POST>
Order Allow,Deny
Allow from all
Deny from env=denyThis
</Limit>

https://sm.farook.org/files/WPBlacklist261.zip
This is the newest Blacklist that just came out today. Seems to work for me, I have already caught 10 spam attempts by the poker freak.

xqus, you do realize that you’re now blocking anyone from viewing your site with IE v5.5 under Windows 98, don’t you?

The renaming trick working like a charm over here! Thanks!

The renaming trick works for most of the spam robots – as long as you remember to delete wp-comments-post.php off your server too as somebody mentioned :p There are however, a few robots out there which seem to parse the entire index.php file to find what the comments file name is, I’ve also changed the comment form variables but still a few get through probably because the robot parses the comments form and gets the variable names too. So, as somebody mentioned, this is like the cold war where you have to adapt to constantly keep ahead of the spammers. A combination of methods is the best way to go – I mentioned the combination I use in a different thread here: https://www.ads-software.com/support/3/15232

I’m wondering if it’s possible to use .htaccess to protect wp-comments-post.php (or its renamed versions)?
Since renaming it the comment spam seems to have stopped but I’ve gotten 404 errors on wp-comment-post.php so I think it’s a matter of time before the spammer catches on and parses wp-comments.php to find the file.
My idea is to have .htaccess prevent spambots from making direct requests to wp-comments-post.php (or similar), but allow requests made through the normal comment form.
Does anyone know if this can be done? I’m afraid I know next to nothing about Apache, so it may just be wishful thinking here.
Otherwise, chiensavant’s security images (https://www.ads-software.com/support/3/13443#post-79307) sounds like a good idea. Maybe it should be implemented into the next version of WP?

i’d be surprised if a captcha were included in the wp core. the developers despise captchas due to accessibility issues.
however, you can use the authimage hack.

I’m using an older WP version – 0.72. Is there any way for me (except updating, duh!) to do the same? I’ve tried renaming the b2comments files in the spirit of what is described above, but when I try to post a comment, I get hit by an error message. Any input?
Cheers,
Irina.

I would like to approve individual users and have only those I approve be allowed to post comments. Is there a plugin that will do this or should I try to figure out how to code this myself? I am new to php and don’t really have a clue where I would begin.
But I do feel that the only way I can stop the 20 spam comments I am getting every five minutes (and the moderator emails associated with them) will be to not allow any comments unless the person posting them is “trusted.”

There is something for this:
“only registered and logged in users are able to post to your blog”
https://www.tamba2.org.uk/wordpress/spam/#three

The spammer who got to my site not only called wp-comments-post.php directly, they did if for future posts. So, that means that I immediately got a comment with their spam when I posted a new article. I used phpMyAdmin to remove all 25 or 30 of their stinkina€? posts and then set up some Apache mod_rewrite rules. No one can access wp-comments-post.php directly anymore. They must be refered from my site, which makes sense as the only way you should be able to post a comment is if you first see the story.
I Added this to my Apache httpd.conf file for my blog site (blog.mecworks.com):

RewriteEngine On
RewriteCond %{HTTP_REFERER} "!^https://my.site/.*$" [NC]
RewriteCond %{REQUEST_URI} ".*wp-comments-post.php$"
RewriteRule .* - [F]

Remember to change “my.site” to your site and the ‘wp-comments-post.php’ file name to what ever you have called it if you have decided to change it’s name as well. Notice that you may prevent legitimate users from making comments if their browser does not send the referer header – shame on them.
—
Marc Christensen: blog.mecworks.com

Excellent. Twelve hours worth of comment spam has been replaced with twelve hours of 404 errors. That’s fine by me. ??

I’ve renamed wp-comments-post.php to a random string of letters and numbers: something like qxx21227A.php. I’ve also used the Apache rewrite in an .htaccess file in my blog directories.
We’ll see if it works.

I’ve been getting hit by a spammer constantly since Thursday. I find that I can block him by changing your condition to:
SetEnvIfNoCase User-Agent "^Mozilla\/4.0 \(compatible; MSIE 6.0; Windows NT 4.0; PCUser\)" denyThis
I’ve also written a plugin called from post_comment_text which looks for some unique spam words in the comment and calls die() with a nasty message before it even gets to be moderated.

Mike, with your hack you’ve just blocked anyone who wants to leave a comment with MSIE 6.0 under Windows NT v4.0. While that’s probably the spammer most of the time. It’s generally not a good idea to alienate your current and future viewers like that. There are better ways.