Comments on: Spam Blocking Redux http://www.darcynorman.net/2006/11/04/spam-blocking-redux/ just a lowly edtech geek, mumble mumble university of calgary Fri, 19 Mar 2010 20:41:04 -0600 http://wordpress.org/?v=2.9.2 hourly 1 By: Sami Khan http://www.darcynorman.net/2006/11/04/spam-blocking-redux/#comment-82595 Sami Khan Wed, 31 Dec 1969 17:00:00 +0000 2043303419#comment-82595 I personally enjoy moderating all of my comments. Often people feel like they're done something wrong and that is not to say that now and then I don't see comments, but for the most part its been pretty good. Also getting a module that locks sending any more comments after a certain period of time can be useful, however limiting in the conversations... They're rats, whatchu gonna do but try to block them..? A week ago some guy decided I guess it would be funny to send thousands of bots to a particular page about a particular president's policies. I deleted the page, the bot attack went away after quite a bit of time may I add after I deleted the page. I personally enjoy moderating all of my comments. Often people feel like they’re done something wrong and that is not to say that now and then I don’t see comments, but for the most part its been pretty good. Also getting a module that locks sending any more comments after a certain period of time can be useful, however limiting in the conversations… They’re rats, whatchu gonna do but try to block them..? A week ago some guy decided I guess it would be funny to send thousands of bots to a particular page about a particular president’s policies. I deleted the page, the bot attack went away after quite a bit of time may I add after I deleted the page.

]]> By: dnorman http://www.darcynorman.net/2006/11/04/spam-blocking-redux/#comment-82596 dnorman Wed, 31 Dec 1969 17:00:00 +0000 2043303419#comment-82596 I used to disable comments after 30 days, but that prevents long discussions, or picking up a conversation after a break. I've avoided moderating comments, because I always feel unsure when I submit a comment to a moderated blog. Will the moderator see it? will it be buried in a pile of spam? when will it be approved? etc... it breaks down the fluidity of a conversation. But it's one of the more effective anti-spam strategies. Stupid spammers, wrecking everything again... I used to disable comments after 30 days, but that prevents long discussions, or picking up a conversation after a break. I’ve avoided moderating comments, because I always feel unsure when I submit a comment to a moderated blog. Will the moderator see it? will it be buried in a pile of spam? when will it be approved? etc… it breaks down the fluidity of a conversation. But it’s one of the more effective anti-spam strategies. Stupid spammers, wrecking everything again…

]]> By: Caleb G http://www.darcynorman.net/2006/11/04/spam-blocking-redux/#comment-82597 Caleb G Wed, 31 Dec 1969 17:00:00 +0000 2043303419#comment-82597 Maybe it would be worth looking into some .htaccess magic and/or mod_security if this stuff doesn't relent. Just a thought. All of those requests to apache, php, and mysql eats up a lot of cycles even if you can keep them unpublished... Maybe it would be worth looking into some .htaccess magic and/or mod_security if this stuff doesn’t relent. Just a thought. All of those requests to apache, php, and mysql eats up a lot of cycles even if you can keep them unpublished…

]]> By: Caleb G http://www.darcynorman.net/2006/11/04/spam-blocking-redux/#comment-82602 Caleb G Wed, 31 Dec 1969 17:00:00 +0000 2043303419#comment-82602 Got this as an error message at the top of the page after I posted my first comment btw: user warning: Table 'drupalblog.spam_surbl_cctlds' doesn't exist query: SELECT ccid FROM spam_surbl_cctlds WHERE cc = 'highervisibilitywebsites.com' in /home/.cruncher/dnorman/darcynorman.net/includes/database.mysql.inc on line 121. Got this as an error message at the top of the page after I posted my first comment btw:

user warning: Table ‘drupalblog.spam_surbl_cctlds’ doesn’t exist query: SELECT ccid FROM spam_surbl_cctlds WHERE cc = ‘highervisibilitywebsites.com’ in /home/.cruncher/dnorman/darcynorman.net/includes/database.mysql.inc on line 121.

]]> By: dnorman http://www.darcynorman.net/2006/11/04/spam-blocking-redux/#comment-82604 dnorman Wed, 31 Dec 1969 17:00:00 +0000 2043303419#comment-82604 I've added some .htaccess directives to disallow ip addresses, but at least one of the attackers has access to a zombie network, with hundreds of different IP addresses from various networks all sending the comment spam attempts. The spam blocking got effective enough that they appear to have given up on posting actual link content, and are just salting the earth with complete nonsense (and no links). What a waste of resources (theirs and mine). I stepped away from the computer to have supper with the family, and play some games with my son, only to come back to a couple hundred vindictive crap comment posts. Nice. I’ve added some .htaccess directives to disallow ip addresses, but at least one of the attackers has access to a zombie network, with hundreds of different IP addresses from various networks all sending the comment spam attempts.

The spam blocking got effective enough that they appear to have given up on posting actual link content, and are just salting the earth with complete nonsense (and no links).

What a waste of resources (theirs and mine). I stepped away from the computer to have supper with the family, and play some games with my son, only to come back to a couple hundred vindictive crap comment posts. Nice.

]]> By: dnorman http://www.darcynorman.net/2006/11/04/spam-blocking-redux/#comment-82605 dnorman Wed, 31 Dec 1969 17:00:00 +0000 2043303419#comment-82605 and thanks for the heads-up on the error, Caleb. I wasn't seeing that because I'm logged in, and that part of the spam blocker is turned off for logged-in users. It should be fixed now. and thanks for the heads-up on the error, Caleb. I wasn’t seeing that because I’m logged in, and that part of the spam blocker is turned off for logged-in users. It should be fixed now.

]]> By: dnorman http://www.darcynorman.net/2006/11/04/spam-blocking-redux/#comment-82613 dnorman Wed, 31 Dec 1969 17:00:00 +0000 2043303419#comment-82613 hidden form fields only work until the bot wrangler decides to check the form and add some code to lookup/generate values for those. I'd tried that long ago, back when I was using WordPress. It didn't work for very long. Kittens? Really. It's cute, but seems like a rather gimmicky hoop to make people jump through. hidden form fields only work until the bot wrangler decides to check the form and add some code to lookup/generate values for those. I’d tried that long ago, back when I was using WordPress. It didn’t work for very long.

Kittens? Really. It’s cute, but seems like a rather gimmicky hoop to make people jump through.

]]> By: dalin http://www.darcynorman.net/2006/11/04/spam-blocking-redux/#comment-82614 dalin Wed, 31 Dec 1969 17:00:00 +0000 2043303419#comment-82614 Hey darcy, You might take a look at these two options: http://isc.sans.org/diary.php?storyid=1836 -hidden form fields http://www.kittenauth.com/ - a new drupal module Hey darcy,
You might take a look at these two options:

http://isc.sans.org/diary.php?storyid=1836
-hidden form fields

http://www.kittenauth.com/
- a new drupal module

]]> By: Caleb G http://www.darcynorman.net/2006/11/04/spam-blocking-redux/#comment-82620 Caleb G Wed, 31 Dec 1969 17:00:00 +0000 2043303419#comment-82620 No problem dnorman. There are other htaccess methods than ip banning. This article can get you going in the right direction and then if you want to know anything more may start googling: http://diveintomark.org/archives/2003/02/26/how_to_block_spambots_ban_spybots_and_tell_unwanted_robots_to_go_to_hell And then there is always mod_security which is much more robust: http://atomicplayboy.net/blog/2005/01/30/an-introduction-to-mod-security/ No problem dnorman. There are other htaccess methods than ip banning. This article can get you going in the right direction and then if you want to know anything more may start googling:

http://diveintomark.org/archives/2003/02/26/how_to_block_spambots_ban_spybots_and_tell_unwanted_robots_to_go_to_hell

And then there is always mod_security which is much more robust:

http://atomicplayboy.net/blog/2005/01/30/an-introduction-to-mod-security/

]]>