Lately, my sites are being hammered by “unwanted behavior”. Because I feel I cannot blindly trust my WordPress installs to be 100% bug-free, I like to block as many of these unwanted behaviors before any PHP code is executed on my server. Currently, I use the following NGINX techniques to block unwanted visitors.
Recently I’ve been noticing a referrer spammer targeting my sites from the IP address 18.104.22.168. Trying to promote aimtrust and theinvestblog.
Let’s add a little more data to my previous article on stopping referrer spam. It’s the current list of blocked IP addresses. Currently the list blocks 245 addresses.
Referrer spam, to some webmasters something unknown, to others a severe pain in the butt. People visiting your website while faking a refferer aren’t that bad, but people actually using webspiders to massively desecrate your website statistics are very annoying, these people need to be targeted.
As of Plesk 7.1.4, Plesk allows us to add TXT records in the DNS for a domain, thus allowing us to add SPF records. SPF is, in theory, a good way to stop spam. In short, SPF allows you to tell the world, which mailservers are allowed to send emails using your domain in the From address.