May 17
It had to happen sooner or later!
2004 at 01.54 am posted by Veerle Pieters
Yesterday I got hit by comment spam for the first time since my blog started in 2003. My guess, that’s the toll to pay when a blog is growing up. Both spammers were from the US (no surprises here) and only one I could trace as a Verizon customer. I’m sure many popular blogs have been down this road before but for me this is new territory. I’ve sent an e-mail to the abuse address from Verizon and blocked both IP addresses.
I’m using pMachine and the comment post feature is set with a delay to avoid spamming but obviously that’s not enough to rule things out. Now I’m wondering if there are any more actions that I can take to avoid things from happening again. I’m also wondering if you also had this what are your counter actions on the matter. Any tips would be greatly appreciated.
It’s not that bad now since there were only two, so deleting wasn’t that hard. Obviously the last thing I want is to close comments since that an essential part what makes blogging so fascinating.
7served
1
My weblog is powered by Movable Type and I’m using the wonderful MT-Blacklist plugin from Jay Allen, which relies on a shared blacklist to prevent spammers for posting in the first place and to delete any spamming comments that get through.
I’ve been using it for a couple of months with excellent results (considering that on some days I used to get a dozen of spamming comments, while I haven’t seen one since I put the plugin to work) but I don’t know if anything similar exists for pMachine.
Comment spam usually affects older entries, so maybe you might consider closing the comments on (very) old posts, if your CMS allows you to do so.
2
I’ve built my own weblog from scratch since it would take me the same amount of time to get used to and modify a readymade blog like movabletype.
To protect my blog from spammers i’ve built a ipbanlist which automaticly gets updated when the system suspects a spammer, works with certain rules and it works like a charm.
3
I use wordpress and have written a function that filters out comments with certain keywords or keyword combinations. It isn’t 100% spamfree (what is?), but does a nice job.
4
Veerle,
In the PHP-page where you receive the form data and write it to your database, you can check if the referring page (it schould be the page with the filled in form) was a page on your server. If it wasn’t, don’t accept the data.
5
to complete my previous post:
This wil of course not stop spammers who manually fill in the comment form on your site. It will only stop those who write scripts to post to your blog.
I don’t know if this is what happened.
6
Hi Veerle,
I’m having the same problem, and it seems that only popular blogs encounter those kind of comment spam.
Comment spam is a program that logs on to your comment-page and places comments with some kind of time delay. I think that Blogger.com has come up with a system to block those comments with a ‘word-verification system’ (a bit like you had when you where making a Hotmail account). Since only a human can read the word, those computer-programs can’t place comment-spam. Of course, a system like that must be placed by the system-adminstrator…
7
@dave, this article is a rather old article (2004) from my ‘old’ (pMachine Pro based) blog. I’m using Expression Engine (EE) now from pMachine, which has much more security features built in. Spammers need to enter a comment manually with EE, which wasn’t the case with my previous blog. I can control the spam comments these days. In case it gets too much I can always enable EE’s Captha option but I’m not using it at the moment since it’s not really needed. Hopefully it can stay this way forever.