How to stop a spammer ???

21 replies
I am getting spammed to death on my sites from this guy:

Author : Quenuevek (IP: 192.74.229.253 , 192.74.229.253)
E-mail : nu.s2l.jt4s.l2.l.6l.j.7hs@gmail.com
URL : http://dis-louisvuittonoutlet.com
Whois : http://whois.arin.net/rest/ip/192.74.229.253

- I have at the moment 79 Spam comments from him about his poxy luis Vuitton site

How do I stop him/report him/get his real email address?

Getting REALLY angry at this point!
#spammer #stop
  • Profile picture of the author MrMonetize
    Are all the comments posted using the same IP? If they are, you could use something like this.

    WordPress › WP-Ban « WordPress Plugins
    {{ DiscussionBoard.errors[7841491].message }}
    • Profile picture of the author DoubleOhDave
      Originally Posted by MrMonetize View Post

      Are all the comments posted using the same IP? If they are, you could use something like this.

      WordPress › WP-Ban « WordPress Plugins
      Thank you sir! I took great satisfaction in creating a custom "ban message" for him. (Idiot used the same IP on all of the comments)
      {{ DiscussionBoard.errors[7841667].message }}
      • Profile picture of the author MrMonetize
        Originally Posted by DoubleOhDave View Post

        Thank you sir! I took great satisfaction in creating a custom "ban message" for him. (Idiot used the same IP on all of the comments)
        No prob's. If they want to spam, they will just use proxies or a VPN. But if someone 'simple' uses the same IP, then that plugin will work.

        I actually use another method, which involves the .htaccess file. I can redirect any IP to any URL I choose.

        It's usually a porn site with audio for the worst offenders..
        {{ DiscussionBoard.errors[7841693].message }}
        • Profile picture of the author DoubleOhDave
          Originally Posted by MrMonetize View Post

          No prob's. If they want to spam, they will just use proxies or a VPN. But if someone 'simple' uses the same IP, then that plugin will work.

          I actually use another method, which involves the .htaccess file. I can redirect any IP to any URL I choose.

          It's usually a porn site with audio for the worst offenders..

          LOL! Love it!
          {{ DiscussionBoard.errors[7841752].message }}
  • Profile picture of the author sbucciarel
    Banned
    It's registered here:
    Registration Service Provider:
    Netfirms, Inc.,

    Report abuse here
    Report Spam and Abuse
    {{ DiscussionBoard.errors[7841557].message }}
    • Profile picture of the author DoubleOhDave
      Originally Posted by sbucciarel View Post

      It's registered here:
      Registration Service Provider:
      Netfirms, Inc.,

      Report abuse here
      Report Spam and Abuse

      Thanks! I tried that but they say he is redirecting his site and they can do nothing about it.. they gave me this info but I don't understand what I can do with it.. any ideas?

      dis-louisvuittonoutlet.com. 3600 IN CNAME 216-90.hermes-fr.com.
      216-90.hermes-fr.com. 3600 IN CNAME 94-254-0-138.3e.vc.
      94-254-0-138.3e.vc. 600 IN A 203.211.134.66
      {{ DiscussionBoard.errors[7841673].message }}
      • Profile picture of the author Kingfish85
        Originally Posted by DoubleOhDave View Post

        Thanks! I tried that but they say he is redirecting his site and they can do nothing about it.. they gave me this info but I don't understand what I can do with it.. any ideas?

        dis-louisvuittonoutlet.com. 3600 IN CNAME 216-90.hermes-fr.com.
        216-90.hermes-fr.com. 3600 IN CNAME 94-254-0-138.3e.vc.
        94-254-0-138.3e.vc. 600 IN A 203.211.134.66
        That's DNS info.

        Here's the ARIN info on the IP shown above:

        Code:
        % Whois data copyright terms    http://www.apnic.net/db/dbcopyright.html
        
        inetnum:        203.211.134.64 - 203.211.134.79
        netname:        AIDIPERSONALRACK-SG
        country:        SG
        descr:          Aidi Personal Rack
        admin-c:        QSNR1-AP
        tech-c:         QSNR1-AP
        status:         ASSIGNED NON-PORTABLE
        changed:        noc@qalacom.com 20080618
        mnt-by:         MAINT-SG-QALA
        source:         APNIC
        
        role:           QALA SG NOC ROLE
        address:        10 International Business Park
        address:        Singapore 609928
        country:        SG
        phone:          +65-6655-5500
        fax-no:         +65-6655-5410
        e-mail:         noc@qala.com.sg
        remarks:        Spam and security issues - abuse@m1net.sg
        remarks:        Routing and Network issues - noc@qala.com.sg
        admin-c:        FH4-Ap
        tech-c:         FH4-Ap
        tech-c:         JH1830-AP
        nic-hdl:        QSNR1-AP
        notify:         noc@qala.com.sg
        changed:        noc@qala.com.sg 20120221
        mnt-by:         MAINT-SG-QALA
        source:         APNIC
        You are better off asking your provider to just block the IP's where the comment spam is coming from. You can also do this in cPanel (if you're using cPanel) in the deny IP manager.

        Block these: 192.74.229.253 , 192.74.229.253

        EDIT: As mentioned above, the IP's could change as well. Blocking them would be a start.
        Signature

        |~| VeeroTech Hosting - sales @ veerotech.net
        |~| High Performance CloudLinux & LiteSpeed Powered Web Hosting
        |~| cPanel & WHM - Softaculous - Website Builder - R1Soft - SpamExperts
        |~| Visit us @veerotech Facebook - Twitter - LinkedIn

        {{ DiscussionBoard.errors[7841712].message }}
      • Profile picture of the author sbucciarel
        Banned
        Originally Posted by DoubleOhDave View Post

        Thanks! I tried that but they say he is redirecting his site and they can do nothing about it.. they gave me this info but I don't understand what I can do with it.. any ideas?

        dis-louisvuittonoutlet.com. 3600 IN CNAME 216-90.hermes-fr.com.
        216-90.hermes-fr.com. 3600 IN CNAME 94-254-0-138.3e.vc.
        94-254-0-138.3e.vc. 600 IN A 203.211.134.66
        Actually, they are the registrar and the host and there is plenty they could do about it.

        I had a spam commenter on one of my blogs. He was redirecting the domain to a clickbank page. Godaddy was the registrar. I contacted Godaddy abuse dept and not only did they suspend the domain, but they forwarded to complaint to clickbank and the affiliate ID was banned also.

        They apparently don't have as strong of an abuse policy as they say they do.
        {{ DiscussionBoard.errors[7842321].message }}
  • Profile picture of the author Istvan Horvath
    Actually, in your own wp-admin panel under Settings > Discussion there is an option to "blacklist" IP, URL, words etc.

    You have the option to "moderate" - by putting them in the upper field; or to "blacklist" them - by writing them in the lower field. In this latter case the comments will be marked spam and you will not even see them.

    So, why do you need a plugin for something that is there... people just don't use it because they never look around on their own website's backend?
    :p
    Signature

    {{ DiscussionBoard.errors[7841788].message }}
    • Profile picture of the author MrMonetize
      Originally Posted by MikeTucker View Post

      LOL!!
      Originally Posted by DoubleOhDave View Post

      LOL! Love it!
      Do some research on simple .htaccess commands. Its useful to create various security measures like this. Another one I do for some sites, is to change the default login URL to something else, then redirect every IP address to porn sites, apart from my own which is on a whitelist.
      {{ DiscussionBoard.errors[7841890].message }}
    • Profile picture of the author MrMonetize
      Originally Posted by Istvan Horvath View Post

      Actually, in your own wp-admin panel under Settings > Discussion there is an option to "blacklist" IP, URL, words etc.

      You have the option to "moderate" - by putting them in the upper field; or to "blacklist" them - by writing them in the lower field. In this latter case the comments will be marked spam and you will not even see them.

      So, why do you need a plugin for something that is there... people just don't use it because they never look around on their own website's backend?
      :p
      Forgot about that feature tbh. Does the built in feature allow you to block by IP range?
      {{ DiscussionBoard.errors[7841979].message }}
    • Profile picture of the author DoubleOhDave
      That may be true but I got a nice warm fuzzy feeling knowing that next time he tries it he'll get my customized message telling him he's banned and to f** off back to C**** and that more than makes the plugin option the winner for me!

      Originally Posted by Istvan Horvath View Post

      Actually, in your own wp-admin panel under Settings > Discussion there is an option to "blacklist" IP, URL, words etc.

      You have the option to "moderate" - by putting them in the upper field; or to "blacklist" them - by writing them in the lower field. In this latter case the comments will be marked spam and you will not even see them.

      So, why do you need a plugin for something that is there... people just don't use it because they never look around on their own website's backend?
      :p
      {{ DiscussionBoard.errors[7842038].message }}
      • Profile picture of the author DubDubDubDot
        Originally Posted by DoubleOhDave View Post

        That may be true but I got a nice warm fuzzy feeling knowing that next time he tries it he'll get my customized message telling him he's banned and to f** off back to C**** and that more than makes the plugin option the winner for me!
        He'll never see your message. They use automated systems. And if he does see it you just might find yourself under a DDOS attack out of spite.

        It's just one of the downsides of using WordPress. The job of the common spammer is a breeze when everything is standardized from site to site. Whereas if you custom code things yourself you can get a little creative and trip up the automated spam systems.
        {{ DiscussionBoard.errors[7842367].message }}
        • Profile picture of the author sbucciarel
          Banned
          Originally Posted by DubDubDubDot View Post

          He'll never see your message. They use automated systems. And if he does see it you just might find yourself under a DDOS attack out of spite.

          It's just one of the downsides of using WordPress. The job of the common spammer is a breeze when everything is standardized from site to site. Whereas if you custom code things yourself you can get a little creative and trip up the automated spam systems.
          ^^^^^
          This
          They just fire up the spam software and blast those comments all over the place. He won't even see the message.

          I use WP Spam Free and that reduces most spam comments.
          {{ DiscussionBoard.errors[7842417].message }}
  • Profile picture of the author Istvan Horvath
    Settings Discussion Screen « WordPress Codex
    One word or IP per line
    - that's what the docs say.
    Signature

    {{ DiscussionBoard.errors[7842017].message }}
  • Profile picture of the author talfighel
    I would email him a few times asking him to stop the emails. Tell him that you will not join what ever he is sending you.

    If there is no reply or he does not stop, just ignore his messages and/or get a new email address.
    {{ DiscussionBoard.errors[7842040].message }}
    • Profile picture of the author DoubleOhDave
      Did that already - emailed him 4 times over the course of a couple of weeks and asked him to stop. Each time I asked he added another 5 or 6 comments straight away... this was more than just someone who was WP Blog spamming - it was almost malicious in intent


      Originally Posted by talfighel View Post

      I would email him a few times asking him to stop the emails. Tell him that you will not join what ever he is sending you.

      If there is no reply or he does not stop, just ignore his messages and/or get a new email address.
      {{ DiscussionBoard.errors[7842302].message }}
  • Profile picture of the author MrMonetize
    Originally Posted by Istvan Horvath View Post

    One word or IP per line
    The built in method is fine then for individuals like the OP is having trouble with. Some more advanced spammers can use blocks of IPs for comment spam, and for some DDoS attacks I believe. These would still need dealing with so I think that is where a plugin would come in useful. I have had to block ranges of IPs on a few occasions, but I usually do this in .htaccess.
    {{ DiscussionBoard.errors[7842142].message }}
  • Profile picture of the author so11
    Hello,

    in this scenario, it is always best to be proactive...(IP blocking is very limited/temporary solution)

    1. Integrate captcha into your blog
    2. Make your visitors to sign-in before commenting (ex.: OpenID, Discus, etc.).
    3. Limit the number of sends from your contact pages
    4. Lockout IP's automatically for short periods of time
    5. Harden your websites security configurations.

    PS: you said sites...do you use same contact form, email, account for all of your sites? It is always best to isolate all of the above. In that case, one gets hacked...others are up and running

    good luck
    Signature
    www.groupesoloviev.com
    We help businesses manage cyber risk and compliance requirements.
    {{ DiscussionBoard.errors[7842473].message }}
  • Profile picture of the author Karen Connell
    I was getting a lot of comments from someone promoting Louis Vuitton until I added a Captcha to the comments - problem solved (for me anyway...)!
    Signature

    Never Mistake Activity for Accomplishment

    {{ DiscussionBoard.errors[7842512].message }}
  • Profile picture of the author MonitorScout
    Spam comes from servers. Multiple spammers come from single servers. Locate said servers & block those servers.
    The legit website holders will complain that their sites are being blocked, said server owners will self police the problem.

    Don't block the spam, block the servers?.

    This way more and more responsible people will help stop this growing spam problem.
    Signature
    Monitor Scout - Website & Server Monitoring
    50 different checks, SNMP monitoring and much more.
    https://www.monitorscout.com
    {{ DiscussionBoard.errors[7842513].message }}

Trending Topics