Last month I started noticing a lot of referrals coming to this site from semalt.semalt.com/crawler.php.

I went to semalt.com to see what that was about.

semalt home page

I wasn’t about to give them my email address without knowing anything about them. A little more digging around, and nobody seems to know exactly who they are or what they do. None of the 48895 webmasters who trust them seem to write about it. Instead, the broad consensus is that they’re Ukrainian spammers.

They don’t appear to be attempting to hack the site directly. It buggers the site statistics though, since you get a bunch of meaningless referrals, all of which result in bounces (hit the page then leave the site).

I also found out that you can’t block them by their IP because they seem to somehow co-opt IPs from all over the place.

There are a number of suggestions for using your .htaccess file to block them. I tried a few. Here’s what finally worked for me:

RewriteEngine On #Block Spammers (We hope!) RewriteCond %{HTTP_REFERER} semalt.com [NC] RewriteRule .* - [F,L]

Note, I had to insert this before the WordPress rewrite block. If you put it after the WordPress section, the WordPress redirect processes first and it never gets to the spam block rewrite.

So long, Semalt.

12/7/14 – PostScript*: *If you’re running behind a dynamic cache like Varnish, blocking referrers via .htaccess won’t work. More on this, and a possible work-around.