Home > BlogTech > Nibbled to Death by Spammers

Nibbled to Death by Spammers

May 27th, 2004

Well, I am coming much, much closer now to switching to a blog type which requires registration. And I hate doing it. However, I just don’t see as how I’ve got the choice here.

I was hoping to be able to stay with what is tried and true, good ol’ Movable Type v. 2.6. Up until now I’ve been doing OK, but the spammers have been getting out of hand. At the end of last August, I got my first blog comment spam, something that had been new to me. At first I was OK with just deleting each comment, but then the spammers started hitting me more often, and then with multiple spams. By early December, some jerk put spam in the comments of 50 different posts–and I found MT Blacklist, thank God in heaven. It caught most of the worst spammers, and best of all, if somebody hit me on many different posts’ comments, I could use MT-Blacklist and zap them all in one go, as opposed to slowly and deliberately going through the steps to eliminate them one at a time.

Well, now I’m facing a new tide. When spammers hit, they are now using different IP addresses and different new URLs every time, and they are hitting me daily. Now, I face between 4 and 10 spam comments each day that get by the blacklist (that’s after MT-Blacklist stopped the majority of them already!), and I usually have to take them out one by one, as Blacklist can’t connect the IP addresses or URLs found within them. It’s really getting intolerable.

I hate comment registration systems. I hate them because it means people have to jump through hoops when they want to leave a comment, it makes the site less accessible. But there comes a point where it’s just not worth it. Still, you really want to find out where those spammers live, and then hire a dozen homeless people to camp out in their backyard and ring their doorbell every five minutes. Or rig a software program to autodial their business phone incessantly and play a recording of Van Halen at full blast when they answer.

I’ve found a great hosting plan that I might take, loads of bandwidth, 5 add-on domains, and 20 MySQL databases plus lots else for $10 a month, I’ll probably get that account and then install every type of blog software I can find, see how they each compare, then make a decision about which one to go with…

Categories: BlogTech Tags: by
  1. May 28th, 2004 at 08:59 | #1

    For what it’s worth, I’ve had no problems with comment spam since upgrading to ExpressionEngine. Referrer spam, on the other hand, is a bit harder to prevent.

    If you want to avoid the registration issue, EE also has a “captcha” feature, which requires the user to identify a word in a randomly generated image for their comment to be accepted.

    Oh, did I mention that they are also offering a special price for people who currently use another blogging tool? Not that I want to influence your decision or anything… 😉

  2. May 28th, 2004 at 15:26 | #2

    Here’s a handy Blog Software Breakdown, which compares the features of the most widely-used weblogging software packages.

    I’ve been running an MT install for more than a year, and with a few isolated instances I haven’t had any problems with comment spam. Maybe that’s because I customised the install quite a bit and possibly removed something the spammers are scanning for. For instance, I happen to have the Movable Type credit link on a static About page; maybe that helps.

    I also planted a hidden value in the comment form and modified the comment script so that it won’t accept a comment unless it comes with that hidden value. The idea is to keep spambots from talking to to the comment script directly instead of going through the comment form, but I have yet to crunch the error logs to see if it’s this trick that keeps the spammers out.

    But if you look around a bit, you’ll find lots of other countermeasures that you can deploy in addition to MT-Blacklist, and many of them sound quite reasonable.

  3. Luis
    May 28th, 2004 at 16:46 | #3

    Rudolf: Thanks! That’s great information. I may try that separate “About” page, but I don’t have the expertise to change the comment script. The Breakdown page is fantastic, just the thing I was looking for.

  4. Ted O’Neill
    May 29th, 2004 at 12:16 | #4

    Luis,

    Would you care to share the fruits of your research? I’d love to hear your comparisons– it would make a great article. If nothing else, who is that hosting company? It does sound like a good way to test stuff out.

Comments are closed.