WordPress comment spam: outline of a solution

Despite blocking IP addresses at the firewall or at the Apache server level, I am still being bombarded with comment spam on my various WordPress sites. So I had to think it over and, this time, I believe I have the outline of a solution. I added the following few lines to my Apache server configuration (you can do this in the .htaccess file if you are on shared hosting), after setting the HostnameLookups directive to on.

The aim here is to get rid of commenters coming from "exotic" countries. The advantage of this solution is that, unlike the firewall, it does not block access to the site. Only to the comments!

If you have something better, I'm all ears!

<files ~ "(wp-comments-post|securimage_show|admin-ajax)\.php">
#<Limit Post>
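# This block applies only to the scripts named above (comment submission, the captcha image script and the AJAX endpoint); the rest of the site stays reachable.
# Apache 2.2 access syntax: with "Order allow,deny", a client matching any Deny line below is refused even though "Allow from all" matches it too.
Order allow,deny
Allow from all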
Deny from 1.com 2m-equation.net 6core.net
Deny from accesshaiti.net adviceforbid.com affille.net aidensmusic.com albacom.net algx.net amazonaws.com anchorfree.com ardanhosting.com arsenalassociation.com as15003.net as43234.net as51430.net
Deny from berkelyx.com betterdomainhosting.eu bettys-news.com bezeqint.net bizevaluator.info btcentralplus.com
Deny from cantv.net cgi.ca cheapseovps.com chinamobile.com chirpan.com choopa.com choopa.net co.uk codelayer.org colocrossing.com colostore.net colt.net com.cn comcast.net comcastbusiness.com compsyscloud.com comunitel.net congesia.com contina.com continuumdatacenters.com correctnic.com crystalsoft-it.com cyberghostvpn.com
Deny from dimenoc.com dinaserver.com donbranco.com dnxserver.net
Deny from eastmidland.net ecatel.net eonix.net escaple3.com
Deny from fairlyclose.com fictto.com filemedia.net
Deny from gamespot24.com gategemstone.com ghostshosting.net globaltap.com googleusercontent.com guarmarr.com
Deny from heilink.com  hostedpanama.com hostvenom.com hostwindsdns.com 
Deny from karclub.com krypt.com kwaoo.net kyivstar.net
Deny from instantnotificationservices.com ipvnow.com ispsystem.net
Deny from jobcity.com jointventure.net
Deny from leasededi.com leaseweb.com limitless-servers.com lypfect.com
Deny from mach9servers.com marketstreetwifi.net megapath.net micfo.com milkmist.com mindcombinedserver.com myconsumerreward.com myhostmysite.com
Deny from norstway.com notsteyle.com
Deny from openskytelcom.net optonline.net ovh.net
Deny from pmsponsors.net poneytelecom.eu pontsparachute.com purewebtech.net
Deny from quadranet.com queryfoundry.net qinglongboye.com 
Deny from reputeo.ch romanelliproject.com rootleveltech.com rr.com
Deny from sagonet.net sbcglobal.net scalabledns.com secureserver.net serverhotell.net signalservis.net shineservers.com sleyfl.com slowplum.com smart-dns.net smartone.com softlayer.com solidseodedicated.com sologalaxy.com sometimessite.com sprintdatacenter.net starrt-fortress.com stratoserver.net steephost.net supcloud.net
Deny from tapestryteeth.com techserverdns.com telostor.ca telus.net topsfieldinternational.com torservers.net totbb.net trentexchange.com triolan.net 
Deny from ubiquityservers.com ubservers.com uk2group.com ultimatumetheme.com unil.ch unti-is.com
Deny from verizon.net vilayer.com virginm.net vmline.pl vntp.net volia.net
Deny from wa-01.com whackemcrackem.com wifirst.net
Deny from your-server.de
Deny from xi.com xssl.net
Deny from .ads .adsl .aero .af .ai .al .am .an .ao .aq .ar .as .asia .at .au .aw .ax .az
Deny from .ba .bb .bd .bf .bg .bh .bi .biz .bj .bm .bn .bo .boo .br .bs .bt .bv .bw .by .bz .by
Deny from .cat .cc .cd .cf .cg .ci .ck .cl .cn .co .coop .cr .cs .cu .cv .cx .cy .cz
Deny from .dad .de .dd .dhcp .dj .dk .dm .do .dz
Deny from .eat .ec .edu .ee .eg .eh .er .es .esq .eu .et
Deny from .fi .fj .fk .fly .fm .fo .foo .fx
Deny from .ga .gb .gd .ge .gf .gh .gi .gl .gm .gn .gov .gq .gr .gs .gt .gu .gw .gy
Deny from .here .hk .hm .hn .host .how .hr .ht .hu 
Deny from .id .ie .il .im .in .ing .info .int .io .iq .ir .is .it
Deny from .je .jm .jo .jobs .jp 
Deny from .ke .kg .kh .ki .km .kn .kp .kr .kw .ky .kz
Deny from .la .lb .li .link .lk .lr .ls .lt .lv .ly
Deny from .ma .mc .md .me .meme .mg .mh .mk .mil .ml .mm .mn .mo .mov .mobi .mp .mr .ms .mt .mu .museum .mv .mw .mx
Deny from .na .name .nc .ne .new .nf .ng .ni .nl .no .np .nr .nt .nu .nz 
Deny from .om
Deny from .pa .pe .pg .ph .pk .pl .pm .pn .pr .pro .prof .ps .pt .pw .py 
Deny from .qa
Deny from .ro .rsvp .ru .rw
Deny from .sa .sb .sc .sd .se .sex .sg .sh .si .sj .sk .sl .sm .sn .soy .sr .ss .st .su .sv .sy .sz
Deny from .tc .td .tel .tf .tg .th .tj .tk .tl .tm .tn .to .tp .tr .travel .tt .tv .tw .tz 
Deny from .ua .ug .uk .um .us .uy 
Deny from .va .vc .ve .vg .vi .vn .vu
Deny from .wf .ws
Deny from .xn--* .xxx
Deny from .ye .yt .yu
Deny from .za .zip .zm .zr .zw
Deny from 109.201.133.100
Deny from 158.255.215.107
Deny from 159.226.165.101
Deny from 176.145.108.38 176.53.21.210
Deny from 178.18.151.101 178.218.29.74
Deny from 193.111.136.162 193.51.246.65 193.56.243.102
Deny from 193.56.243.8
Deny from 193.56.245.39
Deny from 194.44.63.3
Deny from 195.138.93.46
Deny from 195.24.198.7
Deny from 2.5.211.94
Deny from 2.8.116.216
Deny from 212.35.164.252 212.35.166.210 212.52.159.74
Deny from 213.152.161.85 213.174.123.193 213.183.56.93 213.60.81.7
Deny from 31.129.170 31.38.83.85 31.44.91.220
Deny from 37.161.98.159
Deny from 37.165.204.159
Deny from 37.165.59.187
Deny from 37.58.132.68
Deny from 46.148.31.30
Deny from 46.161.9.24
Deny from 46.21.7.166
Deny from 46.218.163.97
Deny from 5.2.157.121
Deny from 5.230.153.21
Deny from 62.147.224.2
Deny from 62.210.111.38
Deny from 62.210.80.51
Deny from 62.23.15.92
Deny from 62.77.224.14
Deny from 77.200.124.147
Deny from 77.81.232.85
Deny from 78.153.240.173
Deny from 78.198.182.5
Deny from 78.242.113.121
Deny from 79.137.180.251
Deny from 79.141.163.15
Deny from 79.92.61.99
Deny from 8.37.231.87
Deny from 80.11.24.195
Deny from 80.12.110.207
Deny from 80.12.38.160
Deny from 80.84.50.18
Deny from 82.124.24.115
Deny from 82.126.139.229
Deny from 82.126.94.154
Deny from 82.145.217.115
Deny from 82.226.173.126
Deny from 82.230.165.58
Deny from 82.239.45.133
Deny from 82.241.162.2
Deny from 82.245.42.86
Deny from 83.114.80.175
Deny from 83.204.146.219
Deny from 84.100.58.103
Deny from 84.6.205.16
Deny from 85.114.6.54
Deny from 86.196.230.139
Deny from 86.209.172.219
Deny from 86.246.113.10
Deny from 86.70.120.161
Deny from 86.70.120.28
Deny from 86.70.58.12
Deny from 87.204.56.131
Deny from 87.231.0.214
Deny from 87.98.163.66
Deny from 88.159.172.245
Deny from 88.168.148.50
Deny from 89.105.228.5
Deny from 89.83.65.218
Deny from 90.108.143.163
Deny from 90.19.13.51
Deny from 90.52.28.8
Deny from 90.79.78.234
Deny from 91.121.132.52
Deny from 91.126.61.198
Deny from 91.176.63.45
Deny from 91.230.0.51
Deny from 92.142.17.190
Deny from 95.13.243.91
Deny from 95.210.223.190
Deny from 1
Deny from 100 101 103 104 105 106 107 108
Deny from 109.105.59 109.109.109 109.122 109.254 109.162 109.164.240 109.165 109.169 109.184 109.188 109.190.85.95 109.194 109.196.210 109.200.130 109.201.133 109.201.143 109.201.154 109.211.94.232 109.226.203 109.230.221 109.231.122 109.232.227 109.7.65.66 109.73.79 109.86 109.87 109.93
Deny from 110 111 112 113 114 115 116 117 118 119
Deny from 12 120 121 122 123 124 125 126 128.127.58 128.107 128.177 128.199.107 128.199.63 129.144
Deny from 13 130 131.156 131.255 133 134.249 136 137 138 139
Deny from 14
Deny from 140 141.0.14 141.138.205 141.255.156.61 142 143 144.172 144.217.15 145.255 146 148 149.56 149.202.98 149.255
Deny from 15 150 151.0.6 151.1 151.236.29 151.237.176 151.237.180 151.237.184 151.80.138.19 151.80.175.238 151.80.238.152 152 153 154 155.133.64 155.94 156.54 156.75 158.222 158.255.215 158.69 
Deny from 159.122.133 159.203 159.205.136 159.224 159.226 159.255.165 159.255.169 
Deny from 160.202.42 162 163 164.138.237 165 166 167 168.131 169.44.62
Deny from 170.130 171 172 173 174 175
Deny from 176.10 176.100.111 176.102.32 176.104 176.109 176.112 176.115.139 176.116.74 176.119 176.123.3 176.126.252 176.14 176.146.81 176.193 176.194 176.195 176.212 176.213 176.215 178.216.49 176.31 176.32.21 176.32.23 176.32.26 176.53.21 176.61 176.8 176.9 176.97 176.99 
Deny from 177
Deny from 178.121 178.124 178.125 178.137 178.150 178.158 178.159 178.162 178.168.30 178.17.170 178.17.174 178.172.230 178.175 178.184 178.187 178.19 178.20.55.18 178.206 178.207 178.210.219 178.213 178.216.51 178.216.54 178.217.187 178.218.29 176.222.154 178.23.129 178.233 178.237.87 178.250.45 178.32 178.33 178.44 178.57 178.62.165 178.73 178.76.243 178.82 178.94
Deny from 179
Deny from 180 181 182 184 183 185 186 187 188 189
Deny from 188.123.248 188.128.99 188.134 188.138.149 188.143.232 188.143.234 188.163 188.165.206.226 188.234 188.26 188.63 188.92.75
Deny from 190 191 192
Deny from 193.105.210 193.107 193.109.199 193.111.136 193.136 193.144 193.150 193.169.144 193.171 193.189 193.201 193.248.195 193.43.158 193.90
Deny from 194.139 194.149.148 194.151 194.183.0 194.183.4 194.185 194.186.246 194.187.168 194.199.55.254 194.34.105 194.44 194.56.178.164 194.67 194.88.143
Deny from 195.114 195.12.188 195.138.81 195.142 195.154.8.111 195.182.94 195.211 195.22.126 195.22.127 195.228 195.238.108 195.24.198 195.254.135 195.3.144 195.40 195.54 195.62.25 195.81.140 195.9 195.99
Deny from 196 197 198 199
Deny from 2.13.255.56 2.136 2.188 2.50 2.93 2.95
Deny from 200 201 202 203 204 206 207 208 209
Deny from 210 211
Deny from 212.108.76 212.109.201 212.111.198 212.117.180 212.126.96 212.138.88.114 212.160.138.237 212.166 212.174.143.129 212.175 212.181 212.200 212.35.176 212.47.227.72 212.52.159 212.56 212.59 212.73.73 212.74.202 212.76.140 212.83 212.90.40 212.92
Deny from 213.0 213.111.233 213.131.47 213.136.79 213.138.94 213.144.132 213.154.203 213.159.38 213.183.56 213.184.105 213.185.81 213.186.167 213.195.171 213.197.129 213.215.201 213.227 213.238.175 213.227 213.24 213.37 213.42 213.59 213.61 213.65
Deny from 216
Deny from 217.109.29.229 217.12.199 217.147.84 217.170.201 217.195.202 217.64.110
Deny from 218 219
Deny from 220 221 222 223
Deny from 23 24 27
Deny from 31.131.67 31.132.6 31.133.13 31.145 31.169.83 31.172.30  31.173 31.184 31.187 31.192 31.193.196 31.202 31.204 31.223 31.23 31.28.251 31.31 31.37.121.176 31.39.125.134 31.41 31.44 31.6.71 31.7.232
Deny from 36
Deny from 37.0.121 37.0.123 37.1.49 37.112 37.113 37.115 37.131.215  37.139 37.142 37.187.79.141 37.187.88
Deny from 37.203.212 37.214.32 37.215 37.220.35 37.221 37.229 37.230.135 37.230.213 37.233.27 37.235.53 37.236 37.247.48 37.44 37.48 37.57 37.59 37.72 37.77 37.9 37.99.114
Deny from 38 39
Deny from 40 41 42 43 45
Deny from 46.102 46.105 46.109 46.118 46.119 46.147 46.148 46.151 46.16.74 46.161 46.165 46.166 46.17 46.175.254 46.183.162 46.185 46.188 46.191 46.21.99 46.211 46.22 46.243.173 46.246 46.250.0 46.28.66 46.29 46.33.250 46.36.112 46.38.62 46.39 46.41 46.61 46.7 46.98
Deny from 47.88 47.90.4
Deny from 49
Deny from 5.101 5.135 5.139 5.141 5.144.97 5.149.212 5.157 5.158 5.160 5.164 5.166 5.167 5.175 5.196.1.129 5.2.72 5.227 5.233 5.248 5.249.164 5.254 5.255 5.3 5.34 5.35.25 5.39 5.45 5.62 5.79.68 5.9
Deny from 50 51.15.43 51.15.46 51.15.51 51.15.53 51.15.6 51.254.221.166 51.254.23 54 58 59
Deny from 60 61 62.102.148 62.122 62.16 62.20 62.201.203 62.201.219 62.210.245.138 62.210.245.158 62.210.246.163 62.210.69.79 62.210.7.205 62.210.80.48 62.210.82 62.210.81.52 62.212.73 62.220.59 62.39.122 62.76 62.77.180 62.90 63 64 65 66 67 68 69
Deny from 70 71 72 74 75 76
Deny from 77.109.139 77.120 77.121 77.122 77.123 77.125 77.126 77.154.202.104 77.232.159 77.234.44 77.243 77.79.178 77.81.232 77.91.179 77.93.2.81 77.95.225
Deny from 78.10 78.109.24 78.188 78.129.215 78.137.14 78.137.44 78.211.0.203 78.225.69.85 78.237.8.14 78.242.173.101 78.25 78.29 78.30 78.38 78.63 78.96 78.97
Deny from 79.110.17 79.124.59 79.133.217 79.134 79.143.179 79.172.193 79.173.95 79.176 79.98.107
Deny from 80.191 80.203 80.232.207 80.233.134 80.28 80.39 80.71.115 80.72.37 80.82.64 80.82.65 80.79.127 80.84.50 80.86 80.93
Deny from 81
Deny from 82.102.24 82.103.140 82.112.194 82.119.86 82.126.217.100 82.137.208 82.151.83 82.192.30 82.193.109 82.204.105 82.209.251 82.221 82.225.143 82.238.179.246
Deny from 83.128 83.141.175.34 83.143.240 83.234 83.244.185 83.39 83.41 83.50
Deny from 84.240 84.243 84.244 89.34.26 84.42 84.52.78 84.72
Deny from 85.10.210 85.114.129 85.17 85.138 85.194.241 85.195.82 85.248 85.25 85.29 85.9.20 85.98
Deny from 86.12 86.120 86.121 86.51 86.57.191 86.69.93.195 86.70.120.162 86.74.208.95 86.96 
Deny from 87.110 87.117 89.187.144 87.19 87.204 87.228.15 87.98.179.184 87.98.151 87.98.165.214 87.255.77 87.98.166 87.98.173
Deny from 88.125.64.25 88.147.166 88.15 88.150.163 88.159 88.190 88.246.126.43 88.255 88.64 88.80.41
Deny from 89.105 89.111 89.137 89.139 89.144.12 89.169 89.147 89.157.43.163 89.163.224 89.178 89.19.178 89.191 89.218 89.234.157.254 89.248.169 89.248.171 89.249.207 89.26.248 89.28 89.30.105.121 89.31.57 89.32.123 89.33.43 89.34.237 89.43 89.44 89.46 89.47 
Deny from 90.112.161.53 90.112.187.163 90.52.66.253 90.54.190.128
Deny from 91.105.238 91.105.98 91.106 91.108.177 91.108.182 91.108.183 91.108.72 91.108.73 91.109.196 91.109.247 91.121.73.4 91.121.175.35 91.138.23 91.144.177 91.176 91.188.124 91.188.39 91.191.173 91.194.57 91.197.89
Deny from 91.200 91.205 91.207.4 91.207.5 91.207.6 91.207.7 91.207.8 
Deny from 91.212.124 91.213 91.214.84 91.217.10 91.218.115 91.218.247 91.219.237 91.221.84 91.222 91.224.150 91.226.212
Deny from 91.231.40 91.232.96 91.235 91.236.74 91.236.75 91.237.249 91.238.134 91.239.15
Deny from 91.240.163 91.241.53
Deny from 91.98 91.99.61
Deny from 92.113 92.126 92.157.193.130 92.222.237 92.222.66.16 92.233 92.243.166 92.255
Deny from 93.115 93.118 93.120 93.127 93.170 93.171.205 93.174 93.178 93.179 93.182 93.186.251 93.188.37 93.190.139 93.21.10.70 93.72 93.74 93.77 93.84 93.85 93.94.246
Deny from 94.102.56 94.127 94.153 94  
Deny from 94.23.148 94.23.30.166 94.23.155.150 94.23.157.166 94.23.6.70
Deny from 94.242.115 94.242.237 94.244.70 94.26.172 94.27 94.45
Deny from 95.104 95.105 95.130.11.147 95.130.12.31 95.132 95.133 95.139 95.141 95.154 95.163 95.181 95.183.50 95.211 95.24 95.215.61 95.238 95.28 95.65 95.67 95.71 95.77 95.78 95.79 95.85.41
Deny from 96 97 98 99
Deny from 2001:470:b037::0/48
Deny from 2001:41d0:2:71de::0/64
Deny from 2001:da8::0/32
Deny from 2a00:b980:2::0/48
Deny from 2a01:e35:242c:3350:f57f:4bb9:edf8:a5a9
Deny from 2a01:e35:2ef2:d850:756f:7aa3:a228:16e4
</files>
#</Limit>
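
To check which clients a set of these `Deny from` entries would refuse, the sketch below re-implements in Python the matching rules Apache applies to them (hostname suffixes on whole labels, partial IPs as prefixes, CIDR ranges). It is an added example, not part of the original post; `RULES` is a small subset copied from the configuration above, and the client addresses and hostnames are constructed samples.

```python
import ipaddress
import re

# A few entries copied from the configuration above (subset, for illustration).
RULES = ["amazonaws.com", ".cn", "co.uk", "1", "109.201.133",
         "62.210.80.51", "2001:470:b037::0/48"]

def parse_rule(token):
    """Classify a 'Deny from' token: IP network (full, partial, CIDR) or host suffix."""
    if ":" in token or "/" in token:
        return "net", ipaddress.ip_network(token, strict=False)
    if re.fullmatch(r"\d+(\.\d+){0,3}", token):
        octets = token.split(".")
        padded = ".".join(octets + ["0"] * (4 - len(octets)))
        # "1" means 1.0.0.0/8, "109.201.133" means 109.201.133.0/24
        return "net", ipaddress.ip_network(f"{padded}/{8 * len(octets)}")
    return "host", token.lower()

def host_matches(suffix, hostname):
    """Suffix match on whole DNS labels: 'amazonaws.com' must not hit 'notamazonaws.com'."""
    hostname = hostname.lower()
    if hostname == suffix:
        return True
    return hostname.endswith(suffix) and (
        suffix.startswith(".") or hostname[-len(suffix) - 1] == ".")

def is_denied(rules, ip, hostname=None):
    """'Order allow,deny' with 'Allow from all': refused if any Deny entry matches.
    hostname is None when the client has no usable reverse DNS name."""
    addr = ipaddress.ip_address(ip)
    for kind, value in map(parse_rule, rules):
        if kind == "net":
            if addr.version == value.version and addr in value:
                return True
        elif hostname and host_matches(value, hostname):
            return True
    return False

if __name__ == "__main__":
    # Constructed sample clients: (IP, reverse DNS name or None).
    clients = [
        ("109.201.133.77", None),                          # partial-IP rule
        ("203.0.113.9", "ec2-9.compute.amazonaws.com"),    # hostname suffix
        ("203.0.113.10", "host.notamazonaws.com"),         # label boundary
        ("203.0.113.11", None),                            # no rDNS: passes
        ("2001:470:b037:1::5", None),                      # IPv6 /48
    ]
    for ip, name in clients:
        print(ip, name, "DENY" if is_denied(RULES, ip, name) else "allow")
```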


Comments

Very good idea.
And wouldn't it be simpler to do the reverse: only allow the domains that are NOT exotic?

@Nicolive

Yes, indeed! There are a lot of those too. ;+)

Personally, I use Antispam Bee.
I don't see the point of configuring anti-spam by hand. Is it more effective?

@satbadkd

Two unwanted comments in nearly 24 hours, whereas I was at a rate of 50 spam comments a day less than a week ago! It seems to be working. Touch wood. ;+)

And what about changing the current captcha system (which they apparently manage to solve)?

@Jérôme

According to my logs, I'm not sure they are getting around it. The rate is not that of a bot.

This time, my technique seems to be holding up.

Hello,
So how do you get comment spam if they can't solve the captcha?

@Jérôme

If it were an automated tool, I would have far more than 50 spam comments a day, wouldn't I? What I mean is that these good Chinese and other Ukrainians have not found an automatic way to break the captcha!

So it makes me wonder whether or not there are hired hands tasked with doing the dirty work! For how many euros a day? ;+)

Got it :-)
The comments that do get submitted are potentially submitted by humans and not by bots.

@Jérôme

That is my conviction, judging by the logs Apache provides!

Hello,

Personally, I got rid of Akismet, which is of absolutely no use and is, on top of that, illegal in France, and I replaced it with NoSpamNX; since then, I have no longer been bothered by spam bots or by exotic spammers!

Kind regards,

Bruno

@Bruno

Thanks for the info.
