Ladies and gentelmen, here is another IP address to put in your .htaccess deny list: 126.96.36.199
This IP apparently belongs to hopone.net which looks like a legitimate company. I was surprised to see that this machine is accessible from the outside and it’s port 80 is open for inbound traffic: see for yourself.
Of course I portscanned the asshole and he seems to also have open ftp, ssh and mysql ports. It runs Apache 1.3 which is a little outdated and can be potentially xploited. They even left the Apache manual for us. This looks like some sort of workstation on their network – a workstation that probably should sit behind the NAT and firewall but for some reason it is out in the open. It might have been rooted and now it acts as some spammers proxy… Sigh…
This dude has been manually spamming me for some time now. He seems to average 20-30 comments a day, and does not get discouraged when Akismed eats up all of them. Anyways, if you are into commernt spamming you really need to look into some sort of roaming proxy setup. Because with a static IP, I can just lock you out each time. :P
Btw, Akismet is the best!
[tags]comment spam, spamming, spammer, htaccess, ip, hopone[/tags]