Oct 29
Nasty evil thing…
2004 at 08.17 am posted by Veerle Pieters
Boy do I hate comment spammers, they make life miserable! :-( Right now my blog is under attack and I loose lots of time in research to find the bastard to block him permanently. He’s using spoofed IP addresses and this makes it extra nasty to find who is doing this. A Google search brought me to the conclusion that I’m not the only one right now who is suffering from the same comment’s spammer.
Just do a search on “comment spam with princeofprussia” or “comment spam with phentermine” on Google and you’ll know what I mean. This is only one of the many words he uses. If anybody knows more information about this person, please let me know. If this can’t be solved I’ll be forced to take actions and close comments and allow only members. Hope you don’t mind if I need to do this and that it won’t scare you off to keep writing comments.
UPDATE I : It seems that I’ve found a solution that actually works by censoring the words they use in their url. This way the url’s don’t work anymore since the words are turned into asterisks, so unreadable and unusable. The only way around it would be registration a new domain name, but that would be pretty difficult since all the common/known words are in my list. And if one slips through my security it’s just a matter of adding this new word to the database and they are blocked again. So, url’s that don’t work are useless, plus their page ranking won’t go up since everything is changed to asterisks (even in the source code). They can post, but what’s the point since nobody will have any clue what it is about and they will not get paid for such a result. Restricting the comments to ‘members only’ was really my last option. So far this won’t be necessary.
I would like to thank everyone for their comments here. Comments are the fun part of my blog and it’s you guys that keep me motivated to keep on writing stuff ;-) BTW I’m not running Movable Type, but this site is powered by pMachine.
UPDATE II : Another thing that bugs me a bit is that I’m surprised that nobody has found the perpetrator yet, since it is so wide spread. I see exactly the same spam comment on some other blogs.
19served
1
I just read about your complain about spam. we use to have the same problem until 3 months ago when we found this company: http://www.cloudmark.com/
I can only say that the spam have stoped. Automatically goes to a folder and doesn’t “infect” the inboxes any more.
i do not work for them or anything.
it’s worth a look and pays for itself in a couple of weeks.
regards
2
raimundo - Verle is talking about comment spam - you know the bit where you just typed your comment, not actual email spam which is what cloudmark deals with.
Verle - how about closing comments to non-members after so many hours/days.
3
@Dave I see, not sure. I have closed a few already, only my footer ends up a bit “messy” but maybe that’s not so bad since spammers are worse. So far the spammer has stopped, fingers crossed it stayed this way. I’ve blocked some of the words he uses this way all urls get messed up and don’t work anymore. Maybe now I’m working on his nerves...lets hope :-D
4
Yeah comment spammer are an incredible nuisance. I get them on some of the other sites I manage.
One option would be to require a login and have machine checking in place for the registration. Another would be to use the same machine checking for the comments, though it seems this guy isn’t a machine.
Other than that: make the comments autoclose after some time (say a fortnight), that seems to work pretty well.
5
You could add a “human check” to your comments form, like a GIF with a word hidden in it that you have to type in.
Blocking IPs and URLs without some kind of “intelligent” system that learns (Bayesian? Community blacklist like MT-Blacklist?) will just be an endless uphill battle :(
6
The human check thingy sounds like a very good option and shouldn’t be to hard to code. On the other hand, they are becoming more and more common and they usually annoy me (to a point where I would want to use some kind of OCR on it).
But so far it seems like the best option besides asking everyone to register. :)
7
Hi Veerle,
I was just browsing Asterisk, when I found this post: Easy Comment Spam Fix which might be worth reading. Not just the post, but also the comments and links. Good luck.
8
Veerle,
How about this:
Have two hidden input fields (akin to username and password). Store a set (1,000 should keep spammers off your back!) of combinations somewhere in a database. Choose a random first value, and store it in one hidden field, then put the password for that variable in another hidden field. Check for valid and matching input fields, if they’re there, then accept the comment, otherwise bin it.
Just a though- I’ve never used MT as such- but I think that’s how I’d go about tackling it.
Many thanks,
Dom
9
these spammers are a real pain in the ass… i had to deal with this guys a few days ago… now i can find the “delete comment” button with closed eyes.....
10
I also have to deal with them… but what I just think of, I guess a lot of them are posted automatically and that could be taken care of by having such a system where you have to type the numbers you see in some image… (if you don’t know what i mean, do a whois on networksolutions.com for instance...)
11
Its only sad you’re giving into what the spammer wants in the first place. Of course, I and the regulars will maintain interaction even after you make it available only to members.
If you’re on MT, try one or more of their anti-spamming plugins.
12
You don’t need to make it members only- I’m sure my way round it will beat it… and shouldn’t be too hard to implement! Please keep it open!!!
D
13
Did anyone see on Zeldman’s Site, one of the links in his “Of the moment” list read “Why Zeldman.com does not allow comments”. I was about to get comfortable to read a good article on...well...something good.
Needless to say, he made his point.
I got a good kick out of it.
14
Dustin - sure, but Zeldman doesn’t run the same type of site as this one.
I mean, can you imagine Whitespace for instance without comments?
15
I think it’s more of a reason than just whitespace. His work stands alone and will get discussed everywhere else. So really, there’s no need to add a comment feature on his site. It would just cause unecessary traffic.
Veerle’s site is different. It would seem awkward to not allow comments on things such as her tutorials etc.
Btw, veerle, I knew I’d come back. I posted a while back on the Designing a CSS based template tutorial.
Good luck with the anti-spam. Consider it a good problem because you have a healthy flow of traffic.
16
Heh my site’s had the comment spam, and mine’s not popular, i’ve never even given out the url!
17
i have been hit with the commnet spammer as well. he uses the mail.ru domain. i guess i can use that string as one of the forbidden word.... isure wish somebody can zap the ^&#$*
18
we’re just being hit by online poker game. I keep banning the ip addresses but to avail. I was wondering if you could tell me how you changed the comments form to preview and use the custom html tags for coding?
19
@Nick: I’ve send you an e-mail with all the necessary details for implementing this.