Top comment spammers for WordPress

Looking through the sources for WordPress SPAM comments, some IPs came back a lot. This post explains how to list your top comment spammers for WordPress.
Not sure if my eyes were fooling me I quickly dived into the database to query the comments tables. Note that I have about 10000 comments currently in that table.

mysql> select count(comment_author_IP) as c,comment_author_IP from wp_comments group by comment_author_IP order by c desc limit 15;
+-----+-------------------+
| c   | comment_author_IP |
+-----+-------------------+
| 479 | 199.15.233.147    |
| 434 | 199.15.233.148    |
| 401 | 199.15.233.144    |
| 385 | 199.15.233.153    |
| 385 | 199.15.232.42     |
| 379 | 199.15.233.145    |
| 378 | 199.15.233.133    |
| 377 | 199.15.233.146    |
| 377 | 199.15.233.143    |
| 374 | 199.15.233.157    |
| 262 | 199.15.233.158    |
| 236 | 142.54.184.181    |
| 138 | 195.211.155.183   |
|  79 | 140.237.12.45     |
|  70 | 110.89.40.214     |
+-----+-------------------+
15 rows in set (0.03 sec)

mysql> 

This result clearly shows that blocking subnet 199.15.232.0/23 on my firewall certainly wouldn’t hurt. It will also take away a lot of stress on the akismet service which is being used by my WordPress configuration.

Leave a Reply

Your email address will not be published. Required fields are marked *