Recently one of my more popular websites has seen a barrage of the creation of spam WordPress user accounts, mostly originating from IP adddresses geolocated in China. It sounds extreme, but my solution, at least temporarily, is to block and deny all of China from visiting the website using a few simple lines in the root .htaccess file.

I already use Sucuri site monitoring for this domain, but that is only designed to notify me after the event that my site has been compromised, and it was doing nothing to prevent the creation of the spam users.

So my next step was to install the WordFence plugin, which is great for monitoring live traffic and for monitoring all logins, both successful and unsuccessful.  The IP address of each site hit is provided on a continual update every 2 seconds, along with its geographic location and a link to easily block that IP, temporarily or permanently, with a single click.

Sounds great, and it is, except for the fact that the spammers have a seemingly endless array of IP addresses and every time I’d block a handful of them, another half dozen will crop up to carry on the attack.

Finally, until I can implement a more strategic solution (Mykonos, et al), I decided to block all Chinese IP addresses using a single deny command in the site’s .htaccess file.

I’ve some experience blocking IPs on a small scale, one at a time, and had a hunch that if I found the right list of IP ranges, I could likely keep out all of China.

Here is that code:

order allow,deny

deny from
# that is China

allow from all

Here is the excellent, updated source of that code, with links to much more helpful stuff. … Thanks, Wizcrafts!