Does anyone know if there’s a ready-made blacklist server admins can use to block spammers across the whole server?
I’ve been collecting IPs from spammers hitting my sites and want to create a server-wide blacklist to prevent them from spamming client comments. But then I thought, is there already a blacklist out there like the ad-blocking lists for PiHoles?
Just wondering if anyone knows of anything like this already.
Try searching for ‘ipblacklist’ on GitHub.
Kingstone said:
Try searching for ‘ipblacklist’ on GitHub.
Awesome, I didn’t even think to check GitHub. Time to start scripting!
Honestly, it’s an uphill battle. Both residential and commercial ISPs get spammed, but lately, it’s more commercial and VPS because of how easy they are to access.
If you’re using WordPress, give Akismet a try, it’s pretty good. If you’ve got a custom setup, you could look into:
SpamHaus: They do the heavy lifting and you offload the processing to them.
rspamd: This is an in-house solution, but it takes a lot of work. It’s highly customizable based on a scoring system that matches your needs.
It’s almost impossible to keep up with a list of spam IPs. Spammers change their IPs constantly. You might be better off implementing a strong CAPTCHA or another challenge-based system if you still need comments. Or just disable them entirely with a simple code snippet. That’s what I always do on my WordPress installs.
Eliot said:
It’s almost impossible to keep up with a list of spam IPs. Spammers change their IPs constantly. You might be better off implementing a strong CAPTCHA or another challenge-based system if you still need comments. Or just disable them entirely with a simple code snippet. That’s what I always do on my WordPress installs.
I’m just trying to reduce the number of spammers. I know you can’t block them all, even with CAPTCHA or honeypots, but any reduction is worth it if it cuts down the spam for our clients.
Eliot said:
It’s almost impossible to keep up with a list of spam IPs. Spammers change their IPs constantly. You might be better off implementing a strong CAPTCHA or another challenge-based system if you still need comments. Or just disable them entirely with a simple code snippet. That’s what I always do on my WordPress installs.
I’m just trying to reduce the number of spammers. I know you can’t block them all, even with CAPTCHA or honeypots, but any reduction is worth it if it cuts down the spam for our clients.
Have you tried blocking by country at the server level? Countries like Russia, China, and India tend to be big offenders. We’ve had good success doing that since our sites don’t need international traffic.
Check out multirbl.valli.org. They have a lot of real-time blocklists (RBLs) for email, but you might find something useful.
For comments, you could also use this list: https://www.neblink.net/blocklist/IP-Blocklist-clean.txt. It gets updated daily.
Winter said:
Does anyone know if there’s a ready-made blacklist server admins can use to block spammers across the whole server?
I’ve been collecting IPs from spammers hitting my sites and want to create a server-wide blacklist to prevent them from spamming client comments. But then I thought, is there already a blacklist out there like the ad-blocking lists for PiHoles?
Just wondering if anyone knows of anything like this already.
I wouldn’t bother blocking by IP. Instead, block by country. Wordfence has an option for country blocking, and it will help you catch more spammers.
Winter said:
Does anyone know if there’s a ready-made blacklist server admins can use to block spammers across the whole server?
I’ve been collecting IPs from spammers hitting my sites and want to create a server-wide blacklist to prevent them from spamming client comments. But then I thought, is there already a blacklist out there like the ad-blocking lists for PiHoles?
Just wondering if anyone knows of anything like this already.
Consider using Cleantalk, Cloudflare, and CAPTCHA together. It’ll help a lot with spam.
Winter said:
Does anyone know if there’s a ready-made blacklist server admins can use to block spammers across the whole server?
I’ve been collecting IPs from spammers hitting my sites and want to create a server-wide blacklist to prevent them from spamming client comments. But then I thought, is there already a blacklist out there like the ad-blocking lists for PiHoles?
Just wondering if anyone knows of anything like this already.
We use data from StopForumSpam to help our customers reduce email spam registrations, especially from compromised accounts (like those where users get back in and mark everything as spam). We replace the list often to prevent it from blocking legit activity. You might find their IP blocklists helpful too.
Just keep an eye on their download limits, and don’t hang onto a list for too long to avoid blocking good traffic.
Winter said:
Does anyone know if there’s a ready-made blacklist server admins can use to block spammers across the whole server?
I’ve been collecting IPs from spammers hitting my sites and want to create a server-wide blacklist to prevent them from spamming client comments. But then I thought, is there already a blacklist out there like the ad-blocking lists for PiHoles?
Just wondering if anyone knows of anything like this already.
I use ipsum, which compiles many IP lists. You can find it here: GitHub - stamparm/ipsum: Daily feed of bad IPs (with blacklist hit scores)
Winter said:
Does anyone know if there’s a ready-made blacklist server admins can use to block spammers across the whole server?
I’ve been collecting IPs from spammers hitting my sites and want to create a server-wide blacklist to prevent them from spamming client comments. But then I thought, is there already a blacklist out there like the ad-blocking lists for PiHoles?
Just wondering if anyone knows of anything like this already.
StopForumSpam is likely your best bet. I also suggest using MXToolbox’s blacklist search to check if the IPs you’re seeing are already flagged. Another good option is RBL page, which lists bad actors. It’s RBL-based, and you can use it with mod_security if you control the rule set.
Winter said:
Does anyone know if there’s a ready-made blacklist server admins can use to block spammers across the whole server?
I’ve been collecting IPs from spammers hitting my sites and want to create a server-wide blacklist to prevent them from spamming client comments. But then I thought, is there already a blacklist out there like the ad-blocking lists for PiHoles?
Just wondering if anyone knows of anything like this already.
Cloudflare’s WAF rules let you block by country, continent, and ASN. You could try setting that up to help cut down on spam.