Welcome to WebmasterWorld Guest from

Forum Moderators: phranque

Message Too Old, No Replies

Comment spam

I'm flooded! Please help me cope!

7:31 pm on Jul 30, 2004 (gmt 0)

Preferred Member

10+ Year Member

joined:June 18, 2003
votes: 0

I'm not sure this is the right place for this, so I apologize in advance if I've picked the wrong forum.

I blog fairly heavily. I have one blog for my professional writing issues (I'm a writer) and a second personal one.
I've always dealt with comment spam-- no big deal, really. You ban the IP and delete the comments. It's a bit of a hassle but it's worth it for the legitimate comments you get.
Usually, you get a couple of them from the same IP address on entries that link to each other or are linked to from the same place, and it's easy to get a handle on them.

Until lately. They've been getting worse and worse. Today I started getting hammered with a new one: coming in batches of 15, from 10 or 12 DIFFERENT IP addresses-- wildly different IP addresses-- all at once. All over the blogs. Both blogs, entries dating back six months, more recent entries-- anything old enough to have been spidered by Google.

I don't know what to do. I'm going to have to shut down comments on my blog. This is a pain in the butt, and also upsets me, because I had comments enabled for a reason besides a desire to delete porn links all day. I'm really upset to have to do this, but spammers are giving me no choice. I don't want incest site links all over the obituary for my friend's mom. It's just too disturbing. But I can't keep up with these! They just don't stop.

Does anyone have any suggestions? I don't want to switch my blog package, as I'm happy with it from every other point of view.

I was thinking that I could perhaps find out something from my server logs-- is there some way I could figure out what the bots are that are doing this, and ban them through robots.txt or htaccess or something?
For a while I was doing lookups on the offending IP addresses, and was contacting the ISPs of repeat offenders and complaining to them, but that's an awful lot of effort, and I don't think it's going to help with the latest thing.

I'm suspecting that the multiple-IP-address attacks are somehow related to spyware or a virus-- how else could it come from so many places at once? But I don't know. I don't really know anything about this.

I guess I'm just asking for more information about it. I guess I know why they're doing it-- I have decent PR on my site, and so I could help their search engine rankings. But I delete every one within 8 hours of getting it at the longest, so I'm not actually helping them... I suppose that's all I can do.

Anyway, thanks in advance for any insight or help anyone can give me... This isn't among my best posts, but I've been continually deleting incoherent garbage for three hours now, so I'm really not at my best. Sorry!

5:56 pm on July 31, 2004 (gmt 0)

Preferred Member

10+ Year Member

joined:Feb 13, 2003
votes: 0

Yikes, what a problem!

I can't offer any technology-based suggestions to automatically stop the spam, but perhaps until you can figure it out you could turn off the auto-commenting feature in your blog and make your e-mail address available -- using one of the javascript-encryption methods, or perhaps in a gif image or something -- where you would tell readers "use this e-mail address to submit comments." No, that wouldn't meet any accessibility guidelines, and it's not meant as a permanent solution, but it would at least stop the porn-spam while still allowing comments, while you get a handle on things.

6:08 pm on July 31, 2004 (gmt 0)

Preferred Member

10+ Year Member

joined:Apr 4, 2004
votes: 0

Instead of an email address, you could have a formmail type thing in place of the comments box.

Let the comments come to your inbox and post the real ones. From the outside, the format's the same for people who like to comment, the only difference as far as they're concerned being that there's a lag between writing a comment and it appearing.

Alternatively, write a script to block any comments containing the word "porn" or variants thereof, and auto-modify links so that they don't pass any pagerank (like Brett does here).

Any good?

<added> Oooh, and put a little note that's what you do, so they realise it's fairly pointless. </added>

7:48 pm on July 31, 2004 (gmt 0)

Preferred Member

10+ Year Member

joined:June 18, 2003
votes: 0

>so they realise it's fairly pointless

What really bothers me most is that, I think, no human ever sees my site. They don't care if it's pointless; they're using a shotgun-effect to get as many links to their site as possible, and if many of them are instantly deleted or pass no PR at all, that doesn't matter; some will, and that's what's important to them.

What bugs the heck out of me is when I can see by reading the comments' content what the spammer's latest theory about the Google algo is. And I wish I could figure out how to contact them and say "you're two months behind, dumb***; all the cool kids moved on from that theory ages ago." Ah well.

Yes, it seems the most effective way is to close comments on all entries (which must be done manually, bummer) except for a few that might still attract legitimate comments, and figure only policing a few is easier, and anyone who really wants to comment will e-mail me...

I do need a good e-mail munging technique. I guess I'll have to research it. I had a good one, until I realized it didn't work in IE. Oops.

Well, thanks, in the meantime. :)

9:08 pm on July 31, 2004 (gmt 0)

Senior Member

WebmasterWorld Senior Member 10+ Year Member

joined:Apr 26, 2001
votes: 0

>I do need a good e-mail munging technique<

No, you need a blog format that allows you to protect your comments from being spammed. They are a dime a dozen. Blog owners that have a comment spam problem need to take it upon themselves to assure that the site they run is secure.

The comment spam problem could be eradicated in short order if bloggers took advantage of the many tools that are available to them to combat the problem.

9:19 pm on July 31, 2004 (gmt 0)

Preferred Member

10+ Year Member

joined:Apr 4, 2004
votes: 0

Some more thoughts:

Most comment spammers access the mt-comments.cgi script directly. Knowing this, it gives us a possibility to prevent abuse using .htaccess:

RewriteEngine On
RewriteBase /
RewriteCond %{HTTP_REFERER}!^http://.*yoursite\.com(/)?.*$ [NC]
RewriteRule ^path-to-mt/mt-comments.cgi - [F]

Some other ways of avoiding automated comment spam:

  • Readers of your weblog must register before posting to your weblog
  • Image comprehension technology (accessibility issues though)

    Like pmac says, there are loads of tools out there, just go Google (it's a verb) for them!


  • 3:58 pm on Aug 2, 2004 (gmt 0)

    Senior Member

    WebmasterWorld Senior Member 10+ Year Member

    joined:Mar 1, 2004
    votes: 0

    dragonlady7, you didn't mention which blogging software that you're using.

    If you are using Movabletype, there is Jay Allen's MT-Blacklist that works with MT versions older than v3 and it works very well as long as the list is kept updated (easy to do). I believe he is working on a version that will work with later versions of MT.

    You might also want to consider switching software.

    I used to use Movabletype v2.661 on one of my sites but recently switched to using b2evolution which has "antispam" built into the software. It is also quite easy to update its list. So far I've had no attacks.

    The reason I made the switch is due to a massive comment spam attack that went after mt-comment.cgi - my host suspended my site until I could get in there and fix it. My MT-Blacklist was current at the time of the attack as well. The attack somehow never got as far as to encounter the blacklist, nor did it show in any of my logs - but I could see the spike in the bandwidth after the fact. My host could see it happening in real-time.


    Join The Conversation

    Moderators and Top Contributors

    Hot Threads This Week

    Featured Threads

    Free SEO Tools

    Hire Expert Members