Ash has already shared a useful WordPress tutorial earlier, if you have missed it, Do read: Supercharge your WordPress blog in one hour. If you run a PHP/MySQL site, forum, CMS, or blog and want to keep hackers and spambots from filling up your content with spammy posts or comments, then keep reading. If you like free solutions, then keep reading.
ZB Block is a free script from the famous Zaphod, who has been active on Usenet since the late 1980s. He doesn’t like spam content, so he wrote this great script that you can install.
- Download URL: http://www.spambotsecurity.com/zbblock_download.php
How to install ZbBlock:
Unzip the file and upload the contents of the zbblock folder to the /zbblock folder on your server:
If you want to keep out the Chinese and Korean spammers, you are effectively blocking innocent people from those countries. If you don’t care about that, then also download and unzip the China and North Korea blocks file.
Take the customsig.inc file and in the provided gap insert the contents of the above file. It looks like this:
You can add any other country blocks using the above formats but keep in mind that the smarter spammers use proxies and infected PCs, so nothing is 100% foolproof. I notice that Asian spammers get a web host in the US where they run a proxy server so I tend to block popular US hosting providers as this doesn’t block normal Americans who go directly from their home/work PC to your site. Too bad for the few Americans who use legit proxies on their web host accounts.
Run the setup.php script and follow the instructions. (After you have run it successfully, you can’t reach it again.)
Essentially, you have to add a special tag at the very beginning of every page you want to protect. For a WordPress site, you can open up header.php:
Notice that there is no space between the ZBB tag and the start of the doctype. This is very important.
Testing security of your WordPress blog
You can fly to China, er, no, there is an easier way. At the end of your site URL after the slash, add “?test=xtestx” and you should see a screen like this:
Go ahead, and improve your WordPress blog security. If your blog is hacked, there are many WordPress plugins to check your blog. Also, try WordFence WordPress plugin, which will help you to further improve the security of WordPress blog.