Comment spam on the rise.

We’ve been getting hit with more comment spam than usual lately. A good chunk of it appears to be people actually taking the time to type in the captcha by hand, but there appears to be at least one automated system that’s bypassing the captcha. So I’ve gone ahead and re-installed the Bad Behavior plugin for EE in hopes of cutting it down a bit. I had stopped using BB because it in combination with Akismet was contributing to so lengthy comment posting times and getting in the way of some folks successfully leaving a comment.

Let me know if things get wonky and I’ll look into alternative solutions. As much as I’d hate to do it I’m considering just making registration mandatory at this point as it would make banning the spammers much more manageable. It seems the vast majority of comments we’re getting these days is from regulars anyway so it’s not like it’d be a big loss. There’s also at least one other captcha variant plugin available for EE that I saw a few days ago that might prove useful. I’ll have to see if I can track it down again.

Update: Looks like the Bad Behavior plugin doesn’t like AOL IP addresses so I’ve turned it back off for now. Will have to look into other options.

4 thoughts on “Comment spam on the rise.

  1. Thanks Les- Yes guys, its my fault.

    I have a problem with editing Wiki sometimes- apparently AOL run their IPs differently to most other ISPs, meaning I can be sharing with someone else (I believe its some sort of security measure, the way AOL kill viruses and stuff), and if the IP they connect me to Wiki is shared with a ‘problem editor’ then it tends to lock me out. 

    I’ve already offered Les the Vulcan “Needs of the many” option, so if he feels he has to turn on BB again, then I’ll be a reader not a poster.

    The ‘members only’ would be a pity.  Let’s face it drive by fundies can be funny.  We could all get too self referntial here.  The Fundies only listen to what they want to here- it would be terrible if we got like that, instead of getting to pit outselves against them!

  2. Why would anyone use AOL for anything? I’d say leave Bad Behavior on Les and give anyone still using AOL yet another reason to switch away from that rancid internet service.

  3. Les – you might want to try doing some .htaccess tricks wink

    This page was a good eye-opener for me on what you can do pretty simply to cut way down on comment spammers.

    http://perishablepress.com/press/2006/11/20/block-spam-by-denying-access-to-no-referrer-requests/

    Also, bots are getting around captchas now in a large way by guessing the captcha based on the filename of the picture served, because unfortunately, most captcha images are named after their contents. Real-time OCR is also increasing rapidly, to the point where bots scrape for captcha images, the images get OCR’d and decoded into a captcha image database, and then a second bot returns to actually place the comment since now the captcha is decoded.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.