Skip to content

Instantly share code, notes, and snippets.

@jat001
Last active February 19, 2020 10:26
Show Gist options
  • Save jat001/6592184 to your computer and use it in GitHub Desktop.
Save jat001/6592184 to your computer and use it in GitHub Desktop.
Deny the IP address of WordPress spam comment.
<?php
// mysql
$host = 'localhost';
$port = '3306';
$user = 'root';
$passwd = '';
$dbname = 'wordpress';
$server = "$host:$port";
// nginx config file
$file = './deny.conf';
$mysqli = new mysqli($server, $user, $passwd, $dbname) or exit('Can not connect to mysql server.');
$result = $mysqli->query("SELECT comment_author_IP FROM wp_comments WHERE comment_approved = 'spam'");
$spamIPArr = array();
while ($row = $result->fetch_row()) $spamIPArr[] = $row[0];
$result->free();
if (is_readable($file)) {
$oldList = file_get_contents($file);
$oldList = ltrim(rtrim($oldList, ';'), 'deny ');
$oldListArr = explode(";\ndeny ", $oldList);
$ipArr = array_unique(array_filter(array_merge($spamIPArr, $oldListArr)));
} else {
echo "Can not open or read nginx config file.\n";
$ipArr = array_unique(array_filter($spamIPArr));
}
$ip16Arr = preg_replace('/(\.\d{1,3}){2}$/', '', $ipArr);
$conIP16Arr = array_count_values($ip16Arr);
$newIP16Arr = array();
foreach ($conIP16Arr as $k => $v) {
if ($v >= 8) {
$newIP16Arr[] = "$k.0.0/16";
$k = addcslashes($k, '.');
$reg = "/^$k(\.\d{1,3}){2}$/";
$ipArr = preg_replace($reg, '', $ipArr);
}
}
unset($k, $v, $reg);
$newIP16Arr = array_unique(array_filter($newIP16Arr));
function fltIP24($psbIP16) {
global $newIP16Arr;
foreach ($newIP16Arr as $v) {
if (stripos($v, $psbIP16) === true) return false;
}
return true;
}
$ip24Arr = preg_replace('/\.\d{1,3}$/', '', $ipArr);
$conIP24Arr = array_count_values($ip24Arr);
$newIP24Arr = array();
foreach ($conIP24Arr as $k => $v) {
$psbIP16 = preg_replace('/\.\d{1,3}$/', '', $k) . '.0.0/16';
if ($v >= 4 && fltIP24($psbIP16)) {
$newIP24Arr[] = "$k.0/24";
$k = addcslashes($k, '.');
$reg = "/^$k\.\d{1,3}$/";
$ipArr = preg_replace($reg, '', $ipArr);
}
}
unset($k, $v, $reg);
$newIP24Arr = array_filter($newIP24Arr);
$fltNewIP24Arr = preg_replace('#\d{1,3}\.0/24#', '', $newIP24Arr);
$conFltNewIP24Arr = array_count_values($fltNewIP24Arr);
foreach ($conFltNewIP24Arr as $k => $v) {
if ($v >= 2) {
$k = addcslashes($k, '.');
$reg = "#^$k\.\d{1,3}\.0/24$#";
$newIP24Arr = preg_replace($reg, '', $newIP24Arr);
}
}
unset($k, $v, $reg);
$newIP24Arr = array_unique(array_filter($newIP24Arr));
$ipArr = array_unique(array_filter(array_merge($ipArr, $newIP16Arr, $newIP24Arr)));
natsort($ipArr);
$denIP = '';
foreach ($ipArr as $v) $denIP .= "deny $v;\n";
if (file_put_contents($file, $denIP)) {
$mysqli->query("DELETE FROM wp_comments WHERE comment_approved = 'spam'");
echo "All done. Please copy the config file to nginx config directory, like `/etc/nginx`. And then `chown` + `chmod` it. Finally add `include deny.conf;` in `nginx.conf`.\nThe following is generated content:\n$denIP";
} else {
echo "File write error. Please manually add the following to the config file. And then copy the config file to nginx config directory, like `/etc/nginx`. Finally add `include deny.conf;` in `nginx.conf`. You also need manually clean the spam comments in wordpress database.\nThe following is generated content:\n$denIP";
}
$mysqli->close();
?>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment