Glo

The new IP the spammer is using as of today is 219.150.118.16

Babs, did you install WP into the same database as b2? Then run the SQL query in phpmyadmin? Then run the import-b2.php?

gpshewan, no worries, I wasn’t offended and just for clarity … the shetef.com Ip (64.234.220.141) was not in the contact info. It is the IP of the 4free.gb.com and web4u.gb.com domains (which names only 2, there are others) and they have been in my referral logs in massive amounts. Because blackjack-123.com can be traced/routed to 64.234.220.141 and that IP has domains spamming my referral logs, I believe that to be too much of a coincidence to ignore.

I should add that the contact info for these IPs are different and probably spoofed as well.

gpshewan, yes I understand what is happening and I do know how to track a spammer and I do realize the IPs that show up in my logs are spoofed. There is at least one other IP and it is connected with 161.58.59.8 which resolves to blackjack-123.com but if you trace blackjack-123.com it will resolve to 64.234.220.141 which resolves to shetef.com and it resolves to 67.18.52.66 which ends up at escape.websitewelcome.com which is a whois privacy protection service.

Each one of those IPs are connected to the domains the spammers use for their referral spam. Some are sub-domains ending with 4free.gb.com and web4u.gb.com (64.234.220.141). Unfortunately, I didn’t save them all since they were all coming from the above sources.

kyte, you might want to try this plugin. I’m not sure that it will work in you version of WP but it’s worth a try. I haven’t had a single one get through since I implemented it.

True, most do not care or notice referral spam. I didn’t until my server slowed way down and I investigated. I found that some idiot tried to hack into my WP admin. That wasn’t a part of the problem the server was having and the hacker didn’t get in but it ticked me off and I have become much more diligent (yes, obsessive) at checking my logs. I didn’t think much about referral spam since I don’t publish my referral logs until I read something on the bandwidth issue and started getting more of the spam than actual referrer sites. That was annoying so I started doing some research. This particular person or persons, uses more than one legit IP (I know of one other) and they are spamming at an incredible rate. I’ve counted 56 tries since I put that referrer code in my index page this morning, all using a different domain name. Amazing!

I still don’t understand what they get from doing it. Even comment spam doesn’t get them anything, not even a better PR from Google. It’s just a waste of resources.

I can’t even load your site now. I suspect that you removed something you shouldn’t have removed or left something you shouldn’t have left when you removed the code for the hash. Sometimes it difficult to find a small mistake. I would compare a fresh WP copy with what you have now. I don’t know PHP well enough to know what those errors mean. Sorry that I could not be of more help. ??

Okay, I’m not an expert and I can’t see your code but do you have an extra whitespace either in front of the <?php or after the ?>

Sorry, willfulexpose, I added to my post while you were posting. Did you try the plugin without modifing any of your WP files?

Wow, I didn’t have a single problem with this plugin and I haven’t had a single comment spam get through since I implemented it, even though there have been many attempts. What wasn’t working?

Maybe you should ask or explain what happened on Elliott’s site?

BTW, you should not have edited/modified any of your WP files when you installed this plugin. All you needed to do was upload the plugin to you wp-content/plugins folder (directory) and then activate it. If the plugin failed, then there are manual instructions. Did you try the plugin without modifying any of your WP files first?

User Online @ https://www.lesterchan.net/portfolio/programming.php

I have a question for you – can there be more than one IP in that referer code? or do you need to do a separate line of code for each IP?

Thank you, thank you, thank, you! I had already found the spammers main site and IP but didn’t know how to keep him out of my referral logs. I’ve been looking for an apache rewrite mod but this code seems to be working, yeppie!

If it is a bug then why aren’t lots of other WP users having the same problem?

Ah, it’s a beta version of WP. Nevermind, there’s probably not that many using it simply because it’s still in beta.

I like the design. It offers a look at who the designer/owner is, his personality. I think that’s what a lot of blogs lack. The content may provide a hint of the person behind the words but the design is often non-telling, lacking in anything that’s unique to the owner. The look of your site made me want to find out more about you. Can’t ask for much more than that in my opinion.

You are aware that the XHTML doesn’t validate, aren’t you?

Try this link.