Spammers Ahoy!

$1.579

So, how did I get the porn spammer to leave me alone? The best answer would be to make a change at the firewall, denying the suspect IP addresses any access to my network. So far, I haven’t gone to that drastic a step.

The first thing I did was change the rules for comments in WordPress. I haven’t changed things to the point that all comments need approval, but if there are “magic words” or suspect IPs in the comment or fields, then that comment is quarantined until I can look at it. Strike one.

The next thing I did was make a change to my WordPress code to reflect a “site down” message if the request comes from suspect IPs. Strike two.

< ?php
$blocked_ip = array();
$blocked_ip[] = '1.2.3.4'
foreach($blocked_ip as $blocked) {
   $ip = $_SERVER['REMOTE_ADDR'];
   if($ip == $blocked) {
      echo "Site is down for maintenance.";
      exit();
   }
}
?>

The final thing I changed was in Apache’s configuration to deny serving any web pages to suspect IPs. Strike three.


Order Allow,Deny
Deny from 1.2.3.4
Allow from all

Now, that’s probably not a complete solution, but it seems to be working pretty well. The obvious maintenance is in adding suspect IPs in three places, but I suspect I can script that to make it pretty easy. Even if a suspect IP leaves an unwelcome message (presumably with some of the “magic words” in it), WordPress will supress it until I get a chance to take a peek.

There’s still a fair amount of manual labor to keep things safe — and I’m sure I should be flattered that the spam mongers have found my little site. Every one of these incursions, though, is a learning opportunity for me! 🙂