Block Those Comment Spammers

Guest post
by Gordon Long

For those of you who run blogs (and don’t we all?) and are getting a lot of spam emails and attempts to put up garbage in your comments section, I’ve been doing some work on it. Last month I got trouble from my website host for too much database use. In trying to figure out why, I discovered that I had over 10,000 spam emails in my mailbox! In one month. Sort of fills up the disc space.

So what can you do about it? Most of us think, “That’s too complicated,” but I found out I could at least get started. It’s a learning process we all should take a stab at.

1. What Is an Internet Protocol (IP) Address?

It’s a set of four numbers with periods in between. Like 25.227.13.157. I just made that one up; I hope it isn’t yours. (It might also look like 2001:db8:0:1234:0:567:8:1 but don’t worry about that. It works the same way.) It identifies your computer, unique from every other computer in the world. It’s how the techies find you if you’ve been naughty.

2. Go Hunting!

The first step is to go into your web host dashboard and find the useful apps. I can’t tell you the specific ones; every website host has its own apps. You should get familiar with these programs anyway. Mine (shown in the picture) is from Cpanel X, which I believe is quite common. I have “Webmail” in the Mail section, “Latest Visitors” in the Logs section, and “IP Deny Manager” in the Security section. These are the three I used.

cpanelx fighting spam 13. Is It a Spammer?

Look in “Latest Visitors” at each IP address, page viewed, and date of entry. (Screen Grab below) If you’re getting a response from your latest blog, it’s probably a legitimate reader.

If you are getting a constant response from a post that is several months old, that URL is probably on a spam list, and it will keep getting targeted.

You can sometimes tell by the timing; another reason to post regularly. If you always post on Sunday, like I do, then you can assume the largest number of legitimate visitors will be near the beginning of the week. More spammers near the end.

If you zero in on a suspicious user, go to <network-tools.com> and enter the IP address. What you find there will give you a better idea of who you are looking at. (I suggest that few of us who post in English have many legitimate readers in China and the Ukraine.) Then return to your dashboard and find a program like “IP Deny Manager,” paste the IP address in and Presto! You’ve blocked a possible spammer.

Step-By-Step

  1. Go to your mail inbox and find a recent “Mail Delivery Failed” report. Note the time and the page on your site it came from.
  2. Go to your “Latest Visitors” Log and find that visit. There will often be several other visits from the same IP address, all in the same minute. (If you are using captcha filter, one of the visits will be from the filter.) I had one IP visited 28 pages in two minutes. Nobody reads that fast. This is a spammer. Copy the IP address into your clipboard.
  3. Go to your IP Deny Manager page and deny that IP access.

It takes less than a minute for this process. You can have a tab for each of the three pages open, and just jump between them.

Note in the example below from my “Recent Visitors,” 195.211.155.166 hit my blog 8 times in two minutes. I had two “Undeliverable Mail” messages from the “Update from Last Week” URL on my blog at 4:53 as well. Definitely a spammer. I went to my “IP Deny Manager” and denied that IP. Job done.

IP Deny Manager PageBrowse a Bit

While you’re in the Latest Visitors log, a bit of browsing gives you an idea of what your customers (and the spammers) are doing; it’s worth checking out. You may find that a few IPs are visiting you a lot of times. Unless you can trace the pattern of their visit through the navigation paths in your website, they are probably spammers.

I spent about an hour at this little game, and denied about 30 IPs. Mostly from China and Ukraine, one from France and one from Montreal. My spam level dropped noticeably. So did my website hits. However, my % of visitors who stayed more than 30 seconds shot up, so I assume more of my hits are real customers, now.

It took me a while to learn this, and an hour to do the first sweep, but now that I know how, I can go to my mail every once in a while and spend 15 minutes blocking the latest round of spammers. This will keep my site clean, keep my statistics more accurate, and make me feel a whole lot better.

Do Your Duty

Another action that made me feel good. I entered the IP of the spammer in Montreal at the Network-tools.com site, and got the name of the company that provided that IP with internet service. I went to their website, got their free phone number. The nice man there guided me to their “Spam Report” page, and I ratted on the turkey. Vengeance is mine!

Final Warning: Find Out Your Own IP Address!

Easiest thing in the world. Go to whatsmyip.org. It displays your IP address in big numbers at the top of the page.

Reason for this? Your own visits show up suspiciously different from a reader’s on the Latest Visitors log. In my enthusiasm, I denied myself access to my own site. Gave me quite a shock when I tried to look at my own website and was denied. At least I know it was working.

My Results

Well, I tried it for a couple of weeks, and was making some progress, but I got impatient. I had IPs from China and the Ukraine that had hit my site 5,000 times this year! Finally, I simply went into my “Deny Access” page and denied all numbers from those two countries. Instant drop in readers, of course, but I’m going to leave it that way for a month or so, then take further action. I don’t know what. Hopefully, I’ll learn.


Gordon A. Long is a writer, editor, publisher, playwright, director and teacher. 
Learn more about Gordon and his writing from his blog. Don’t expect to make comments on his blog at the moment, though. He has removed that function for a while! All of Gordon’s books are available through his Author Central page.

Author: Gordon Long

Gordon A. Long is a writer, editor, publisher, playwright, director and teacher. 
Learn more about Gordon and his writing from his blog and his Author Central page.

15 thoughts on “Block Those Comment Spammers”

  1. Great post! Excellent information and nice step-by-step process. I actually have noticed very little spam intrusion on my blog, so I’ve never checked out these tools. Good idea to be aware. I will take a tour of my blog tools and see what the look inside tells me. Thanks!

    1. Thanks, Melissa,
      I have no idea how I attracted so many spammers, but I did post from Vietnam for a while, and I have made a lot of comments about the political situations in Ukraine and Hong Kong. Maybe this is how they’re getting revenge!

  2. Many thanks for sharing this great info!!! Last year I had to remove comment form from my web page because of this sort of spam because I didn’t know what else to do.

    1. I’m considering doing what I think IU does. Nobody can comment unless they join up first. That way you only have to monitor them once.
      Anyone got any other ideas?

  3. Gordon,
    I pay $5 per month for Akismet. Every once in a while I get a spam comment, but they block most of the junk. I do like the idea of knowing how to look at what you suggested and in knowing what my own ip address is.
    Thanks!

    1. I think I’m using Kismet (the free version) but if I recall correctly that involves adding some html code to your site, and I’m not sure if I did it correctly. Thanks for the reminder. I’ll have to check.

  4. Thanks for the step-by-step instructions for this technique. I’ve set up my blog comments to close after a month, and that’s helped cut down on spam. As you point out in the article, most people are commenting when you post, so you don’t have that many legitimate comments on older blogs and therefore don’t lose much by closing down the conversations.

Comments are closed.