Block WordPress / bbPress SPAM with .htaccess

I Have a FORUM built with bbpress (wordpress), at that time my total visitors may be around 1,00,000 per month; but as soon as i hosted BBpress, visitor count jumped 3 times of pre BBpress;

and also many fake Registrations, mostly from Russia, China and Canada; Even i was having CAPTCHA, still fake registrations and SPAM posts continued;

Then i installed “Human Test for bbPress” along with “CLICKCHA” Which totally stopped my fake registration and SPAM Postings.

I thought all SPAM is stopped and my problems solved, but i got notification from webhosting that i am exceeding BANDWIDTH which was 100GB per month.

How come, it cross 100GB when i hit only 1,00,000 visitors as i was not having any photos/graphic or videos on my site than just text.

When i checked IPs of visitors where most of the traffic comes from, and it was from RUSSIA and China.

I took IP listings from Website statistics and check with BULK IP Locator script; and added in .htaccess file like this

————– .htaccess ————

order allow,deny
deny from 110.34.172.123
deny from 110.85.75.156
deny from 117.21.225.66
deny from 117.27.138.41
deny from 117.27.138.68
deny from 121.205.90.97
deny from 125.127.115.205
deny from 178.137.18.72
deny from 178.137.85.246
deny from 184.107.243.194
deny from 188.143.232.55
deny from 192.114.71.13
deny from 192.162.19.183
deny from 200.251.58.190
deny from 217.160.21.101
deny from 218.6.12.98
deny from 218.86.51.29
deny from 220.161.103.171
deny from 222.187.223.112
deny from 222.76.219.105
deny from 27.153.151.130
deny from 37.112.232.44
deny from 46.109.197.162
deny from 46.17.100.137
deny from 46.17.96.204
deny from 46.17.96.43
deny from 46.17.97.128
deny from 46.17.98.190
deny from 46.17.98.211
deny from 59.57.14.123
deny from 61.191.190.209
deny from 74.91.20.210
deny from 77.106.249.22
deny from 77.65.48.239
deny from 80.82.66.232
deny from 82.80.149.87
deny from 85.214.85.90
deny from 91.201.64.17
deny from 91.201.64.223
deny from 91.210.104.143
deny from 94.249.47.81
deny from 86.108.116.146
deny from 158.255.7.232
deny from 94.102.48.116
deny from 89.74.14.71
deny from 61.160.200.203
deny from 93.182.190.53
deny from 93.182.171.177
deny from 31.178.7.2
deny from 218.66.249.146
deny from 91.201.64.4
deny from 210.13.203.58
deny from 59.58.159.6
deny from 218.6.8.19
deny from 87.68.158.113
deny from 93.174.93.85
deny from 114.80.115.207
deny from 12.46.14.66
deny from 147.91.173.31
deny from 195.128.127.5
deny from 200.251.58.190
deny from 200.63.213.2
deny from 202.101.6.85
deny from 202.156.6.77
deny from 203.113.13.3
deny from 203.190.250.104
deny from 203.229.251.159
deny from 211.153.44.155
deny from 212.73.128.114
deny from 213.5.71.12
deny from 216.139.164.84
deny from 218.5.84.205
deny from 219.136.249.79
deny from 24.151.200.77
deny from 24.85.220.156
deny from 60.164.184.44
deny from 60.191.251.9
deny from 64.246.18.25
deny from 66.96.203.37
deny from 66.98.212.79
deny from 67.180.241.181
deny from 67.80.254.204
deny from 71.140.50.82
deny from 80.58.205.41
deny from 80.58.205.47
deny from 81.1.89.95
deny from 81.1.93.187
deny from 81.197.104.145
deny from 81.199.85.117
deny from 82.199.96.64
deny from 83.229.92.5
deny from 222.77.229.183
deny from 175.44.12.52
deny from 121.205.247.162
deny from 178.33.252.226
deny from 93.174.93.85
deny from 146.0.74.234
deny from 184.22.182.90
deny from 222.186.26.208
deny from 222.186.24.*
deny from 222.186.25.*
deny from 222.186.26.*
deny from 60.169.73.*
deny from 60.169.75.*
deny from 60.169.78.*
deny from 61.160.232.*
deny from 112.111.175.*
deny from 112.111.160.*
deny from 91.236.74.*
deny from 217.69.133.31
deny from 123.11.252.106
deny from 46.17.97.118
deny from 122.72.2.184
deny from 180.158.32.141
deny from 117.26.77.160
deny from 119.57.77.163
deny from 175.42.83.218
deny from 180.153.206.21
deny from 101.226.65.106
deny from 175.44.15.83
deny from 202.98.123.126
deny from 192.162.19.175
deny from 188.143.232.196
deny from 58.83.224.217
deny from 61.147.111.3
deny from 110.85.69.214
deny from 218.66.250.106
deny from 94.153.64.194
deny from 122.141.243.216
deny from 121.11.149.250
deny from 116.112.66.102
deny from 27.159.234.175
deny from 110.84.210.230
deny from 91.236.74.190
deny from 194.9.15.254
deny from 59.44.204.198
deny from 91.218.245.160
deny from 86.111.79.5
deny from 218.93.127.117
deny from 117.82.213.130
deny from 87.206.166.2
deny from 188.143.232.23
deny from 125.88.125.201
deny from 180.153.127.209
deny from 117.25.237.140
deny from 218.6.12.66
deny from 46.186.80.25
deny from 202.112.114.6
deny from 117.26.223.73
deny from 61.50.241.194
deny from 175.44.3.68
deny from 118.192.35.172
deny from 94.19.190.53
deny from 46.17.96.78
deny from 218.9.55.116
deny from 218.83.175.129
deny from 188.143.232.198
deny from 193.105.210.84
deny from 101.255.32.6
deny from 218.242.43.32
deny from 218.86.50.97
deny from 46.119.115.22
deny from 94.127.144.225
deny from 221.7.228.138
deny from 213.141.144.39
deny from 46.73.131.184
deny from 210.52.215.162
allow from all
RewriteEngine On
RewriteCond %{HTTP_USER_AGENT} ^BlackWidow [OR]
RewriteCond %{HTTP_USER_AGENT} ^Bot\ mailto:craftbot@yahoo.com [OR]
RewriteCond %{HTTP_USER_AGENT} ^ChinaClaw [OR]
RewriteCond %{HTTP_USER_AGENT} ^Custo [OR]
RewriteCond %{HTTP_USER_AGENT} ^DISCo [OR]
RewriteCond %{HTTP_USER_AGENT} ^Download\ Demon [OR]
RewriteCond %{HTTP_USER_AGENT} ^eCatch [OR]
RewriteCond %{HTTP_USER_AGENT} ^EirGrabber [OR]
RewriteCond %{HTTP_USER_AGENT} ^EmailSiphon [OR]
RewriteCond %{HTTP_USER_AGENT} ^EmailWolf [OR]
RewriteCond %{HTTP_USER_AGENT} ^Express\ WebPictures [OR]
RewriteCond %{HTTP_USER_AGENT} ^ExtractorPro [OR]
RewriteCond %{HTTP_USER_AGENT} ^EyeNetIE [OR]
RewriteCond %{HTTP_USER_AGENT} ^FlashGet [OR]
RewriteCond %{HTTP_USER_AGENT} ^GetRight [OR]
RewriteCond %{HTTP_USER_AGENT} ^GetWeb! [OR]
RewriteCond %{HTTP_USER_AGENT} ^Go!Zilla [OR]
RewriteCond %{HTTP_USER_AGENT} ^Go-Ahead-Got-It [OR]
RewriteCond %{HTTP_USER_AGENT} ^GrabNet [OR]
RewriteCond %{HTTP_USER_AGENT} ^Grafula [OR]
RewriteCond %{HTTP_USER_AGENT} ^HMView [OR]
RewriteCond %{HTTP_USER_AGENT} HTTrack [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^Image\ Stripper [OR]
RewriteCond %{HTTP_USER_AGENT} ^Image\ Sucker [OR]
RewriteCond %{HTTP_USER_AGENT} Indy\ Library [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^InterGET [OR]
RewriteCond %{HTTP_USER_AGENT} ^Internet\ Ninja [OR]
RewriteCond %{HTTP_USER_AGENT} ^JetCar [OR]
RewriteCond %{HTTP_USER_AGENT} ^JOC\ Web\ Spider [OR]
RewriteCond %{HTTP_USER_AGENT} ^larbin [OR]
RewriteCond %{HTTP_USER_AGENT} ^LeechFTP [OR]
RewriteCond %{HTTP_USER_AGENT} ^Mass\ Downloader [OR]
RewriteCond %{HTTP_USER_AGENT} ^MIDown\ tool [OR]
RewriteCond %{HTTP_USER_AGENT} ^Mister\ PiX [OR]
RewriteCond %{HTTP_USER_AGENT} ^Navroad [OR]
RewriteCond %{HTTP_USER_AGENT} ^NearSite [OR]
RewriteCond %{HTTP_USER_AGENT} ^NetAnts [OR]
RewriteCond %{HTTP_USER_AGENT} ^NetSpider [OR]
RewriteCond %{HTTP_USER_AGENT} ^Net\ Vampire [OR]
RewriteCond %{HTTP_USER_AGENT} ^NetZIP [OR]
RewriteCond %{HTTP_USER_AGENT} ^Octopus [OR]
RewriteCond %{HTTP_USER_AGENT} ^Offline\ Explorer [OR]
RewriteCond %{HTTP_USER_AGENT} ^Offline\ Navigator [OR]
RewriteCond %{HTTP_USER_AGENT} ^PageGrabber [OR]
RewriteCond %{HTTP_USER_AGENT} ^Papa\ Foto [OR]
RewriteCond %{HTTP_USER_AGENT} ^pavuk [OR]
RewriteCond %{HTTP_USER_AGENT} ^pcBrowser [OR]
RewriteCond %{HTTP_USER_AGENT} ^RealDownload [OR]
RewriteCond %{HTTP_USER_AGENT} ^ReGet [OR]
RewriteCond %{HTTP_USER_AGENT} ^SiteSnagger [OR]
RewriteCond %{HTTP_USER_AGENT} ^SmartDownload [OR]
RewriteCond %{HTTP_USER_AGENT} ^SuperBot [OR]
RewriteCond %{HTTP_USER_AGENT} ^SuperHTTP [OR]
RewriteCond %{HTTP_USER_AGENT} ^Surfbot [OR]
RewriteCond %{HTTP_USER_AGENT} ^tAkeOut [OR]
RewriteCond %{HTTP_USER_AGENT} ^Teleport\ Pro [OR]
RewriteCond %{HTTP_USER_AGENT} ^VoidEYE [OR]
RewriteCond %{HTTP_USER_AGENT} ^Web\ Image\ Collector [OR]
RewriteCond %{HTTP_USER_AGENT} ^Web\ Sucker [OR]
RewriteCond %{HTTP_USER_AGENT} ^WebAuto [OR]
RewriteCond %{HTTP_USER_AGENT} ^WebCopier [OR]
RewriteCond %{HTTP_USER_AGENT} ^WebFetch [OR]
RewriteCond %{HTTP_USER_AGENT} ^WebGo\ IS [OR]
RewriteCond %{HTTP_USER_AGENT} ^WebLeacher [OR]
RewriteCond %{HTTP_USER_AGENT} ^WebReaper [OR]
RewriteCond %{HTTP_USER_AGENT} ^WebSauger [OR]
RewriteCond %{HTTP_USER_AGENT} ^Website\ eXtractor [OR]
RewriteCond %{HTTP_USER_AGENT} ^Website\ Quester [OR]
RewriteCond %{HTTP_USER_AGENT} ^WebStripper [OR]
RewriteCond %{HTTP_USER_AGENT} ^WebWhacker [OR]
RewriteCond %{HTTP_USER_AGENT} ^WebZIP [OR]
RewriteCond %{HTTP_USER_AGENT} ^Wget [OR]
RewriteCond %{HTTP_USER_AGENT} ^Widow [OR]
RewriteCond %{HTTP_USER_AGENT} ^WWWOFFLE [OR]
RewriteCond %{HTTP_USER_AGENT} ^Xaldon\ WebSpider [OR]
RewriteCond %{HTTP_USER_AGENT} ^Zeus
RewriteRule ^.* – [F,L]

—– end of .htaccess ——–
before adding these entries traffic was 8GB perday which was reduced to 600MB after adding these IPs, which are mostly from RUSSIA and China.

READ  wp-admin : This webpage has a redirect loop

One thought on “Block WordPress / bbPress SPAM with .htaccess

Leave a Comment

Your email address will not be published. Required fields are marked *