Yesterday, I wrote a post about how to block Semalt (also known as Semalt.com) from showing up in your Google Analytics account. In this post, I’ll tell you how to block Semalt from accessing your website using the site’s .htaccess file. Just as a warning, you need to be a pretty advanced user to do this, as if you do something wrong in the .htaccess file of your website there’s a possibility that you’ll take your website down. Each and every request (every hit on every file) first accesses the .htaccess file before your website loads. This is one way that you can stop visitors and bots from even having access to your website.
If you’d like to block semalt.com (or any other domain name) by using the .htaccess file, then here’s a few lines of code to add to the file:
# block visitors referred from semalt.com RewriteEngine on RewriteCond %{HTTP_REFERER} semalt\.com [NC] RewriteRule .* – [F]
You can also add these lines, as well, since they appear to also be using semalt.semalt.com and getting ready to use semalt.semalt.semalt.com, as well. So, change the code above so it’s like this:
RewriteCond %{HTTP_REFERER} semalt\.semalt\.com [NC]
Semalt, as far as I have been told, is apparently using a “botnet” (a virus/trojan) to do their “crawling” for them. According to a comment on a recent post here: http://www.adsensesuccess.org/block-semalt-to-protect-your-adsense-account/:
Semalt’s “office” in florida is just a virtual office, like a PO box, which they use to appear legit. They are all in the Ukraine. And Semalt is not just annoying but criminal. They are using a botnet of hijacked computers to referral spam. Warning: do not download soundfrost.exe it’s a trojan:
https ://www.virustotal.com/en/ip-address/217.23.11.15/information/
According to the Google Product forums, Semalt’s CEO, Yuriy Yakovenko, asked why Google was blocking (or removed) their website, soundfrost.org, from Google. Apparently it was seen as being malware. And it’s even being reported as being a botnet:
They are using a hacked botnet and @vote4obama2012 on twitter put up an image showing that they were offering a firefox extension which infects computers – very serious.
https://twitter.com/search?f=realtime&q=%23semaltcom&src=typd
I would ultimately like to get a list of all of the IPs that Semalt.com uses, so that I can block all of the IPs. But that may be worthless. Apparently there are a LOT of IPs that are being reported as being semalt.com, and if you want to try to keep up with all of their IPs you can go to this link here. Here’s an example of what’s being reported:
There is a page on the semalt.com website about the semalt crawler. There is a form on that page that allows you to enter your domain name and they apparently will stop crawling your website. I have entered a domain name as a test to see if it will keep coming back. I recommend that you enter both the domain.com and the www.domain.com in there if you want to test this. However, keep in mind that this could just be a ploy…to get you to enter your domain name so that they pay MORE attention to your website rather than actually stop crawling.
There are a lot of other sites talking about how you can block Semalt and their activities, and frankly I really believe that this is a mess. It’s costing a lot of people a lot of time and even a lot of bandwidth that semalt.com isn’t paying for, legitimately. So, one way to stop this would be for Google to ban the semalt.com domain name from their search engine index.
Here’s some other sites that are talking about banning Semalt.com, there may a better way to do it than simply using the .htaccess file or blocking their IPs.
How to block semalt.com from visiting your WordPress website…
WordFence Support topic on blocking Semalt
How to Block Semalt.com from Referral Sources.