stopping splogs – the nuclear option

I’ve been battling sploggers on UCalgaryBlogs continually. I just finished marking about 50 users/blogs as spam – that’s since yesterday afternoon. I could easily stop the problem outright by requiring people to use an @ucalgary.ca email address to create a site, but that goes against the possibility of anonymity, and many (most!) students don’t use their campus email addresses.

I currently run Bad Behavior, as well as ReCaptcha. They stop the automated splog creation scripts, but there seem to be a LOT of people employed around the world to manually enter forms in order to get around captcha and anti-spam/splog techniques.

In looking through the WordPress.org forum on multisite (nee WPMU) issues, I found a new post called “Splog Spammer Final Solution?” It sounded a little like overkill, but when I thought about it, almost all splogs created on UCalgaryBlogs have come from a handful of countries. Countries where it’s not very likely that students and faculty will be creating new sites from. So I decided to try it out.

The forum post links to a page containing lists of IP addresses and blocks belonging to countries where splog/spam activity is off the charts. All you do is copy some text, drop it into your .htaccess file, and hey presto. No more sites created from those countries.

Initially, I just banned all access from those countries. But that felt like a pretty slimy thing to do. So I stepped back and am now only blocking access to the site creation form wp-signup.php from those countries. If anyone affiliated with the university needs to blog while traveling the world, they’re free to do so, but they’ll need to have created the blog site from outside the Spam Zones. They should be able to access their sites, post content, etc… from anywhere.

I just tested the new splog-blocking technique, and it appears to be working. I’m really curious to see if it makes a dent on new splog creation.

The wp-signup.php script is blocked in Spam Zones:

Screen shot 2010-10-05 at 10.50.54 AM.png

But the rest of the service is available as usual:

Screen shot 2010-10-05 at 11.33.37 AM.png

The .htaccess file for UCalgaryBlogs now contains this at the bottom (after the WordPress stuff):

# block the fracking evil splog spammers
<Files wp-signup.php>
order allow,deny

(the contents of the various country block files go here)

#
allow from all
</Files>

Update: Duh. Instead of trying to blacklist IP addresses and blocks of suspected spammers, it makes more sense to whitelist IP addresses and blocks that are likely to be used by valid users trying to create sites. I’ve modified the .htaccess file to deny access to wp-signup.php to everyone but those accessing from IP addresses that don’t smell suspicious…

2 thoughts on “stopping splogs – the nuclear option”

  1. Pingback: Spam / Splog Wars

Comments are closed.


The spammers win. I've disabled comments. Again. It's just not worth having to deworm my site from the inane autospam jabber that trickles through the spam filters. Sorry. I can be contacted via the Contact form here on the site, or out on the internets.

BUT I WANT TO POST A COMMENT HERE. WITNESS THE OPPRESSION INHERENT IN THE SYSTEM.

If you need to post a response, trackbacks are enabled and will be displayed normally.

The Trackback URL for this post is:
http://darcynorman.net/2010/10/05/stopping-splogs-the-nuclear-option/trackback/