New comment spam blocker
Over the weekend, the site got hit by more than 130 comment spams. These are junk messages added to the comment sections of individual articles, usually consisting of links to off-shore gambling, viagra and vioxx. Spammers use automated scripts to leave the same message on article after article, site after site. It’s hard to say whether they actually intend to sell products, or if their goal is simply to annoy.
WordPress, the system that powers this site, is pretty good at flagging potential comment spam so that it doesn’t show up for readers, but that still leaves me to go through and clean it up. So on Sunday I implemented a new passphrase system that should hopefully stem the tide of comment spam, without being too onerous for actual readers.
Now, when you try to post a comment, you’ll be asked to type in a certain word from a given phrase. If it matches, your comment is posted. If not, your comment is ignored.
The system is not terribly sophisticated, and a devoted spammer could probably code around it in half an hour. But I suspect it wouldn’t be worth the time or trouble. Here’s hoping, anyway.
Let me know if you run into any trouble with the new comment system.
Articles
November 1st, 2004 at 1:33 pm
Pretty nifty!
November 2nd, 2004 at 10:35 am
Nice solution, John. It’s just too bad that you have to go to these extremes!
November 2nd, 2004 at 12:10 pm
Well your quick to the chase John. I haven’t seen one of these messages, I mainly only read the newest comments to the latest news articles.
I would like to get into the brains of those people who create viruses. Not because I want to create them but because they are things you face everyday and its amazing how they spread and manage to get past the billion dollar programs.
November 10th, 2004 at 5:33 am
Hmm, there seem to be far less comments appearing now this is in place… weird. Or maybe all americans are on holiday or escaping?
November 26th, 2004 at 2:28 pm
John, would you mind sharing this with me? I would love to implement this on my blogs.
November 26th, 2004 at 3:38 pm
This is where I got the original code:
http://internetalchemy.org/2004/09/zero-comment-spam
As you can see, you have to be willing to hack up the underlying PHP files a bit. At first, I couldn’t get it to work — you’ll see I posted comments on the original article about what I needed to change.
I’m leery of being too boastful about its success, because it wouldn’t be too hard for a crafty spammer to crack. But since I’ve implemented it, I’ve had exactly zero spams.