Tag Archive for 'Comment Spam'

Comment spam run last night

Published
by
Tom Raftery
on 4/10/2005
in Comment Spam and Technology
. Comments

Apologies to anyone who subscribed to comments on this site and was emailed the spam comments which hit this site last night.

The site was hit by over 80 spams overnight - the first spam run to make it through my anti spam defences in over a year.

Curiously, all the spams came from a single ip address (71.57.133.162) and that ip is now blocked by my .htaccess file.

Hopefully it will be another year before this happens again!

UPDATE:
I see this spammer also visited the Spamhuntress - what a twit! Go get him Ann!

Comment spam plugins no longer required!

Published
by
Tom Raftery
on 8/3/2005
in .htaccess, Blogging, Comment Spam and WordPress
. 44 Comments

I have written many posts on my battles with WordPress comment spam but all that appears to be coming to a very satisfactory solution. I am now no longer using any comment spam plugins and I have stopped moderating comments on this blog.

How did I get to this enviable position? Well, it has been a long road and I have learned loads about WordPress along the way.

I started down this road by trying various comment spam plugins with different degrees of success. However, none were really satisfactory. The best one was WP-Hashcash - best in that it was most transparent to the user - but it requires commenters to have Javascript turned on in their browser. So I kept looking for another strategy to eradicate this scourge from my blog.

I upgraded from WordPress 1.2 to WordPress 1.5 (the current version) - WordPress 1.5 has a number of anti spam comment features natively built in.

Of these, I have set the number of links allowed in comments to 3 - any more than that, and the comment is auto-moderated.

I have populated the blacklist with a short list of words (just over 40) - any comments containing these words are automatically deleted - boom! No notification to me, no notification to the commenter.

I have written a custom .htaccess file which blocks a lot of potential spam commenters at the gates. Instructions on how and why I set it up are here.

And finally, I have installed Dr. Dave’s plugin Referrer Karma. I know, I know, I said I didn’t have any comment plugins, but I don’t. Referrer Karma is a referrer spam plugin which just happens to work like my .htaccess file (but much more elegantly) to block the bad guys at the gates.

The combination of these measures has allowed me to turn off moderation on the comments on my blog - and so far (one week later) no comment spam has made it through my defences. I’m not saying the war is over but, so far, I seem to have won this round.

Easy effective control of comment spam

Published
by
Tom Raftery
on 14/2/2005
in Blogging and Comment Spam
. Comments

MacManX posted a comment spam strategy on the WordPress Beta discussion site the other day which caught my attention.

In the post he said he uses a plugin called WP-HashCash. The main advantage of this plugin is “it requires no maintenance or intervention on my part, and it’s invisible to my readers”.

He went on to explain:

WP-HashCash uses an encrypted hidden field. You must have javascript enabled to decode the encrypted field (most bots don’t use javascript) and must have entered the comment from the actual post link to generate the correct value for the field. So, if a bot either didn’t have javascript or directly visited wp-comments-post.php, the comment would simply not go through. No deleting, no moderation, it just never existed.

Intrigued at the prospect of a maintenance-free spam solution and taking him at his word on its efficacy, I have installed WP-HashCash and disabled Spam Karma.

I found I was having a couple of niggling issues with Spam Karma and since its developer, Dr. Dave, announced he has frozen development of Spam Karma, the decision to switch wasn’t a hard one.

I am combining this with the blacklist feature of WordPress 1.5 (which will require a little maintenance) and I am moderating comments until I am confident that WP-HashCash is the solution I have been looking for.

Roll on a spam-free blogging experience!

Using .htaccess to minimise comment and referrer spam

Published
by
Tom Raftery
on 12/2/2005
in .htaccess, Blogging, Comment Spam and Referrer Spam
. 23 Comments

I have been using my .htaccess file to stop comment and referrer spam on this site and it has been surprisingly successful (so far!). How do I create a .htaccess file capable of greatly reducing comment and referrer spam?

Firstly, I use Awstats to analyse visits to my site daily and I use Spam Karma to help control comment spam. Both applications give me information on spammers visiting my site.

Awstats gives me a list of the referer sites - this list contains those sites which are trying to spam my referrer logs. I monitor those sites and as new ones appear I add them to my .htaccess list in the form:
RewriteCond %{HTTP_REFERER} \.domain\.tld [NC]
where .domain is the domain trying to spam my site (psxtreme, freakycheats, terashells, and so on) and the .tld is the top level domain the site is registered to (.com, .net, .org, .info, etc.).

So, for instance, in the case of the spammer coming from the smsportali.net domain, I have added the following line to my .htaccess code:
RewriteCond %{HTTP_REFERER} \.smsportali\.net [NC]
This will stop accesses from all subdomains of smsportali.net (spamterm.smsportali.net) to the site and the NC ensures that this rule is case insensitive.

In the case of comment spam, I have configured Spam Karma to email me every time it deletes a spam comment - this is becoming rarer and rarer as the .htaccess file becomes more and more effective. I have configured Spam Karma to include the server variables and request headers of a comment that is not approved in the email - this is one of the configuration options of this plugin.

Scanning these emails, I can see the User Agents being employed by these spammers - armed with this information, I added the following lines to my .htaccess file:
RewriteCond %{HTTP_USER_AGENT} Indy.Library [NC,OR]
RewriteCond %{HTTP_USER_AGENT} ^Crazy\ Browser [NC]
RewriteRule .* - [F]
and this has greatly reduced the amount of comment spam coming through.

Also, Cindy alerted me to the fact that adding:
RewriteCond %{HTTP:VIA} ^.+pinappleproxy [NC]
RewriteRule .* - [F]
Will also catch a lot of the spammers.

I have a copy of my .htaccess file available for review (it is in .txt format).

NOTE:
For each set of rules in your .htaccess file, you need to finish with a RewriteRule - RewriteRule .* - [F] will give a 403 (page forbidden) to the spammers. Your last set of rules should end with RewriteRule .* - [F,L] - the L telling the RewriteEngine that this is the last line and to stop processing the rules here.

IMPORTANT WARNING:
the .htaccess file is a very unforgiving file. It has the power to make your entire site unavailable to anyone. It is strongly advised to read up on Regular Expressions and Mod_Rewrite (the Apache module which processes these commands in a .htaccess file) before creating a .htaccess file or modifying an existing one.

Trackback spam explained

Published
by
Tom Raftery
on 10/2/2005
in Blogging, Comment Spam and Trackback Spam
. Comments

I posted about Trackback Spam previously but it was brought to my attention that I didn’t explain it properly, so I am now going to attempt to rectify that.

If you are using a blogging application, like Wordpress, there is a facility called Trackback, whereby, when you are making a post in your blog, and you refer to a post someone else made in their blog, you can add in the trackback uri of their post (normally displayed at the end of their post) to your blogging software, and it will send a notification (called a trackback) to them.

When their blogging software receives this notification (Trackback), it displays the relevant part of the post in the comments section of the site.

Spammers are recently starting to post faked trackbacks directly to people’s blogging software, pretending someone has posted about one of your posts, hoping your blogging software will automatically display their spam on your site (thinking it is a legitimate comment).

The reason they do this is to get links from external sites to their sites, thereby pushing up their all-important Google Page Rank.

Combatting WordPress Trackback Spam

Published
by
Tom Raftery
on 1/2/2005
in Blogging, Comment Spam, Technology and Trackback Spam
. Comments

I have blogged with boring regularity about my battles with WordPress comment spam and my ultimate defeat of it using the Authimage plugin.

This morning I was hit by a new plague (new to me anyway!), trackback spam. TrackBack spam is very similar to comment spam. The spammer sends TrackBack pings to this site, they are listed in the comments area, and they direct readers to a totally unrelated URL. Also, if listed, they increase the target site’s Google Page Rank (PR).

My first response has been to rename the wp-trackback.php file to see if this will stop this scourge. To ensure genuine trackbacks can still get through, I had to edit the reference to wp-trackback.php in the template-functions-comment.php file. This is not a foolproof solution, I realise, but I will re-assess the situation over the coming weeks and see if more drastic measures need to be taken.

Why do I have a horrible sense of foreboding?

Tom Raftery’s Social Media is Digg proof thanks to caching by WP Super Cache!