My first spam attack!

December 9, 2006 18:02

I just started getting the first comment spam attack on my blog today. For some reason, it seems that someone really thinks visitors to my blog are seriously into porn and gambling.. maybe they are?

Anyway, I thought the WP-HashCash WordPress plugin would be good enough to fight those, but it seems I was wrong. I’m doing a little research now to see what technique (or combination of techniques) will give me maximum spam protection with minimum user annoyance. Until I find that solution, you might see some spam around - I apologize in advance for that, but I prefer having some dirty, offensive spam around than blocking comments to registered users only for now.

Believe me, I’ve been under worse bombardments than this ;)

Filed under Linux & FOSS, Meta

7 Responses to “My first spam attack!”

  1. shahar
    December 9th, 2006 | 18:06

    BTW: I did some log analysis, and it seems that the spam robots are all coming from different IP addresses somewhere in the 85.255.113.0/24 range. They also all request two pages - first, they GET the article’s page, and then they POST to the trackback URL. Maybe this is how they get around HashCash - by parsing and submitting the entire comment form, and not by just sending a POST request with a comment.

    If this is the case, I might have to add a CAPTCHA challenge…

  2. Rob...
    December 10th, 2006 | 19:31

    This is what I have set up:

    Askimet!

    Set your Discussion Options to Hold a comment in the queue if it contains more than [ 1 ] links.

    I have the comment Moderation words filled in with the list from the “common spam words” link.

    I also have a comment black list containing:
    rolex
    pheromone
    phentermine
    ambien
    viagra

    Also “Blacklist comments from open and insecure proxies.” is checked.

    That lot results in rarely getting spam and never getting it onto my actual blog.

    WP-HashCash looks interesting - I might install that too!

    Regards,

    Rob…

  3. Rob...
    December 10th, 2006 | 19:33

    Oh, and disable “Allow link notifications from other Weblogs (pingbacks and trackbacks.)” in Discussion Options too :)

    Regards,

    Rob…

  4. shahar
    December 10th, 2006 | 20:50

    Hi Rob,

    Actually, I’m trying this plugin called “Simple Trackback Validation” which is supposed to validate a trackback is legit by calling the trackback source and verifying that it actually links to your post.

    Let’s see how it works…

  5. shahar
    December 10th, 2006 | 21:06

    and btw: I’m also blacklisting those words. This is why I had to manually approve your comment ;)

  6. Rob...
    December 15th, 2006 | 07:48

    *grin*

    it’s very frustrating to have to deal with spam and go through hoops to try and prevent it, isn’t it?

    Regards,

    Rob…

  7. shahar
    December 15th, 2006 | 08:20

    Yeah, I wonder when I’ll give up.

    Then again, having installed Askimet a few days ago, I didn’t get any SPAM pass through YET.