Comment Spam | Tom Raftery's Social Media

Tag Archive for 'Comment Spam'

Comments fixed! - AuthImage 2.0.4 breaks AuthImage addressing.

Published

on 21/1/2005

. 4 Comments

Well, it serves me right. After crowing about how good AuthImage is to everyone, I forgot to check it after getting my hosting company to “rebuild php with the required modules“. It was still broken on this site, meaning no-one could comment!

This time, when I accessed the authimage.php file directly asking for an image (i.e. authimage.php?type=image), I was served up the image, no problem. So I knew, now that the error was elsewhere. A quick trawl of my log files showed a lot of 404’s for /wordpress/wordpress/…/authimage.php - the duplication of the wordpress folders was incorrect so now I knew there was an error in addressing the image.

Addressing takes place in the wp-comments.php file so I corrected the error there.

Interestingly this was the reverse of an error I had corrected previously. It seems that my upgrade to Authimage 2.0.4 ‘fixed’ this error, causing my earlier correction to fail!

All’s well now anyway, so comment away mad!

Stopping Wordpress blog comment spam - the conclusion!

Published

Tom Raftery

on 10/12/2004

in Blogging and Comment Spam

. 1 Comment

Renaming the wp-comments-post.php file had a drastic effect on the comment spam - it appears very many blog comment spammers go directly to this file to submit their spam.

After changing the name of this file, not only did the amount of spam fall off significantly but the number of 404’s for this file ballooned - mostly from ip addresses in Brazil or Bulgaria.

Still one or two were getting through. On the offchance that this would increase again, I installed Gudfly’s Authimage. This is a Wordpress plug-in which displays an image with some random text that the commenter has to enter in order for their comment to be submitted successfully.

I installed that plug-in this morning and with help on the design side from FrankP, I re-designed the comments page accordingly.

I am now looking forward to significantly reduced comment spam.

How to stop Wordpress Blog Comment Spam

Published

Tom Raftery

on 6/12/2004

in Blogging and Comment Spam

. 3 Comments

I have recently been plagued with Blog Comment spam on this Wordpress powered Blog. The Comment spam takes the form of comments on posts containing links to poker/pharmaceutical/whatever sites - the point being that if the comments are published, the sites will gain another external link and rise in search engine rankings.

I moderate all comments on this blog so nothing gets published without my approval. Hence, the spam comments are never published, but I have to wade through them to find genuine comments and then delete the spam - this process is, at best, tedious and at worst, a pain in the … neck.

I searched for ways around this and found a nice Wordpress plug-in called WPBlacklist. This plug-in has a very comprehensive configuration and, at first, worked very well. However, more recently, it was causing errors on the site whenever someone tried to make a legitimate comment.

I was alerted to this by Michele and he pointed me towards another plug-in for helping with blog comment which he finds useful. This one works on the basis of checking for links in the blog to Spam identified sites - it sounded promising, so I tried it. Again I was disappointed because I was still receiving many emails notifying me of comments (most of which were spam) and then I had to delete these comments.

Finally, I came across a post by Fahim Farook - the developer of the WPBlacklist plug-in that I had the trouble with previously. In his post, though, he recommends re-naming the Wordpress comments file - and references to it.

This sounds like a beautifully simple way to overcome this problem. It should stop most automated comment scripts. I am trying this solution now - I renamed the file and the reference I found to it in the index file. I’ve also re-named some of the variables in the comments file (specifically the $comment_author_url and $comments variables). I haven’t tested it extensively yet, but so far, so good - and no comment spam has come in since I did this! Here’s hoping!

Log file and Blog comment spam

Published

Tom Raftery

on 28/11/2004

in Blogging, Comment Spam and Referrer Spam

. 3 Comments

I use AwStats to monitor traffic on the tomandpilar.net site. I monitor the traffic regularly and recently started to notice that my site was apparently being linked to by some very strange sounding sites - Online Poker sites and Online Pharmacies!

A quick bit of investigation (and a quick word of explanation from FrankP) told me that I was the victim of Log File Spam. The idea behind Log File Spam is that Log File analysers, like AwStats, often create html based reports including hyperlinks to referrers. Therefore, if someone appears to come to my site from genericlogfilespammer.com, there is a link to that domain automatically created in my AwStats file report.

If the report is not password protected, then this is found by search-engines and it increases the page-ranking of the spammers’ site.

How do we combat this?
Luckily there are a few simple steps we can take to combat this. The first and most basic, is to password protect the Log File analyser folder.
As added protection, a line can be added to the robots.txt file instructing search engines not to look in the log file analyser folder. Add the following line:
User-agent: *
Disallow: /Insert Logfile Analyser folder path here/

After a little further digging I found an article on how to modify my .htaccess file to exclude the majority of offenders. I modified my .htaccess file follwing the tips on this site and using some of Joe Maller’s sample .htaccess file data .

This was my first time modifying an .htaccess file by hand so I am interested to see how it will work out for me. If you would like to check out a copy of the .htaccess file I created - click here

I am also plagued by Blog comment spam. I have always moderated comments on my blogs but it is still a pain to be receiving emails about spam comments daily - which then have to be deleted. Hopefully the .htacess modifications will eliminate a lot of this too.

UPDATE - The link to Joe Maller’s .htaccess file above appears to be re-directing to microsoft.com. I have emailed Joe to ask if this is expected behavour. In the meantime, if you find yourself unable to access it, feel free to browse my own effort - a lightly edited version of Joe’s file.