How to protect your blog from spam

Most of you are already using Akismet and other plugins to stop spam in your blogs, but all of those plugins use server CPU and memory to stop the spam so even if the spam isn’t showing up in your blog it’s causing problems for your server. In on of our blogs we got about 1 800 spam comments each day (!!!), but by doing like I will describe in this blog post further down the spam comments where reduced to only about 100 per day with increased server performance as a result 😉

Akismet and other spam fighting plugins for WordPress are doing the job fighting spam, but they all use server resources so if you get highly targeted by spammers the server could get slow even if all spam is blocked by the plugins. This is of course not good at all because that means your real visitors (the people that earn you money) get a bad experience from your slow web site 🙁

Since most spammers use proxies to spam (to hide their real IP address) it’s kind of easy to block most of the spam from your blog already on server level, so Akismet and the other plugins can focus on the spam not using proxies. This block can be easily done by using .htaccess files on a Un*x or Linux server.

.htaccess files are simply just text files called .htaccess (please note the dot before the file name). If you have a WordPress blog you already have one in the directory of your blog so just download it to your computer.

The standard .htaccess file from WordPress should look something like this:

# BEGIN WordPress

RewriteEngine On
RewriteBase /
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]

# END WordPress

Before this text just add the following text:

<Limit GET HEAD POST>
order allow,deny
deny from 173.68.11.12
#
allow from all
</Limit>

This means that everyone will be allowed to access your blog, except users from IP address 173.68.11.12. You can add as many lines with “deny from [IP address or IP range]” as you need. In the .htaccess file for the blog where we got 1 800 spam comments per day we added the following IP ranges:

deny from 173.234.0.0/16
deny from 173.208.40.0/21
deny from 173.208.43.0/24
deny from 173.234.224.0/22
deny from 173.234.227.0/24
deny from 64.120.20.0/22
deny from 64.120.0.0/17
deny from 173.234.164.0/22
deny from 173.234.57.0/24
deny from 173.234.56.0/21
deny from 173.234.140.0/22
deny from 173.208.0.0/20
deny from 173.208.14.0/24
deny from 97.74.0.0/16
deny from 70.84.0.0/14
deny from 173.208.0.0/17
deny from 184.106.0.0/16
deny from 204.45.0.0/16

Most of these IP ranges belong to Ubiquity Server Solutions/Nobis Tech, since they host a lot of proxies on their servers.

If you have many blogs on one server the spam could cause a lot of load on the server and could mean to increased costs for you (since you have to upgrade the server to let the real visitors access your server). By using this method with .htaccess blocking we could save hundreds of dollars since we didn’t have to upgrade the server again to handle the load caused by spam.

[flattr /]

My FREE Insider’s Kit will show you how to earn more money!

I did a few corrections of spelling mistakes in the post 😉