skip to navigation
skip to content

stopforumspam 1.4.2

Django middleware for blocking IPs listed in

Latest Version: 1.8

Tired of comment spam, form spam and dumb crawlers? A django application that provides middleware for blocking IPs listed in’s database. It only reacts on POST requests, so don’t worry about a huge table of rules having to be passed at every request. It’s quite painless.

A simple management command is provided for updating the database from sfsupdate [–force]

Using this command, all IPs are stored in Django models, and using django-admin, it’s possible to add your own extra IP addresses on a permanent database.


  1. Install the latest release from pypi:

    sudo pip install stopforumspam

  2. Add this to settings.MIDDLEWARE_CLASSES


  3. Then add this to INSTALLED_APPS


  4. And run:

    python syncdb

  5. To insert all the IPs run this command, which you should make a cronjob (run it every 24h).

    python sfsupdate

You may remove stopforumspam from your INSTALLED_APPS after, if you do not wish to see it in your admin pages.


The following options exist for your project’s file:

To check ALL POST requests:


To ignore some URLS:

SFS_URLS_IGNORE = [“url_name”, “/url/path”]

To only include some URLS (only works if SFS_ALL_POST_REQUEST=False):

SFS_URLS_INCLUDE = [“url_name”, “/url/path”]

If your application is behind a set of proxy, you can use a specific HTTP Header as a source of the client IP:

SFS_HTTP_HEADER = “X-Forwarded-For”

### Synching with

Be nice to their servers and remember that they have strict enforcements on the files that they offer. So before you start testing, you could consider using a local file as a test.

To configure where to download the file from (you can MAX download 2 times a day) - see for more resources:


But you should really use a local file if you have more than 1 Django project with stopforumspam running from the same IP address. To do this, use a local protocol:

SFS_SOURCE_ZIP = “file:///path/to/

You can control how often at most the update should be performed


…and how long back the log should remember the rejection of POSTS and IPs.

SFS_LOG_EXPIRE = 1 #days

Remember to configure this as well – it’s the name of the file inside the .zip file:

SFS_ZIP_FILENAME = “listed_ip_7.txt”

For testing you can force all requests to be checked.


Cron Jobs

You probably want to automatically update the list of blocked IP addresses every 24 hours or 48 hours. To do that, you can insert a line in crontab.

0 2 * * * python /your/project/path/ sfsupdate

The above would update at 2 AM every night. If you have several projects and sync them with a local file, you can add:

0 2 * * * wget -O /tmp/ ; python /your/project/path/ sfsupdate
File Type Py Version Uploaded on Size
stopforumspam-1.4.2.tar.gz (md5) Source 2014-07-11 6KB