Because of that open policy, this site is hammered around the clock by comment spammers who want me to enlarge my penis and lose weight with phentermine so I look good the next time I play online Texas Holdem poker.
To give you an idea of how bad the problem is becoming on weblogs, this site has received 13,445 comments in the last 21 days, and 13,188 of them were comment spam, even though I have manually blocked 4,737 IP addresses because they were used for spam.
I found one of the comments in your archive and it looks like it's the same guy that hits me. Block him in your .htaccess with a rule where:
HTTP_X_AAAAAAAAAAAA
Is = '1'
I've been using BotCheck which adds a small CAPTCHA above the comment form. This has eliminated all of my auto-comment-spam problems.
Granted, it's a WordPress plug-in, but the PHP is pretty simple. I'll bet you could easily adapt it to work for your site.
I don't know if I'm lucky, good, or just to damn unknown but the whole comment spam thing has never been a problem for me. I have two comment spam blocking programs in place and thus far, of the 800+ attempted spams, none have went through. I've had a few genuine comments get marked as spam but since I receive so few comments, it's much easier to unmark those. Plus, as more people comment, I'm able to tweak the spam blockers and I've actually not had that problem so much lately.
HAHA rogers, you still haven't blocked me!
anyway, I have a problem on my site, but I require activation so spammers are nailing my memberlist with casino sites, erectile offers and other spam. I am in the process of writing my own messageboard system instead of using the buggy phpbb board I have been using. I wish I didnt have to force registration, but it would end up looking like an AOL chat room if I didnt.
Your best bet is a home grown turing test that is relatively unobtrusive. Anything that is readily available is also available to be worked around by spammers.
Since implementing my homegrown solution, comment spam has ceased to be a problem for me.
I've been using Mt-Blacklist for the last few months, and it's blocked 35,000 comments. And I've personally deleted a ton, plus a ton of trackbacks. It's a pain, that's for sure!
slashdot has an interesting system. If you are not logged in, it gives an image of some text. In one part of the form you have to enter the text in order to post. This prevents posts from spamming programs.
I've been thinking that if I were going to design a weblog system for moderate traffic (like you recieve), I'd do a whitelist comment system. I'd create a page that shows the comments by IP or something, and lets you easily whitelist with a click an IP address/cookie. Non-whitelisted IPs should probably be auto-black-listed after some reasonable time and number of page views.
Especially with that spam ratio, whitelisting is easier than blacklisting.
If you're feeling really adventurous, this is an absolutely perfect case for IM/weblog integration; for maximal response speed, if you care, send an IM message when a new comment is made and provide a system to whitelist/blacklist easily.
Here is more info on your spammer:
Block IPs is not solution. They are using proxies.
May be you need to add captcha?
Comment/Pingback/TrackBack spam has been a growing problem for the last several years. No "out of the box" solution is guaranteed to work 100% of the time, or forever, as the spambots get ever more sophisticated. Right now, much of the spam I've been seeing doesn't even have a URL, so I wonder sometimes what is the point in the spamming. I figure these are test runs to break through the anti-spam measures bloggers have put in place.
The best current solution to deter spam is going to be something that differs on every single blog. A single plugin or technique (like captcha) is not the answer. Our weakness lies in single method solutions, our strength in diversity of solutions.
Build Your Own is probably the best solution, but it's not practical to think everyone is capable of doing that. With many millions of blogs online, and more coming online every day, it's to the spammer's advantage to keep doing this because they know that the less tech savvy are not going to be able to stop them. The really lousy part is, the spam may drive people out of blogging who could have been really good at it.
herself,
yes you are right - less tech guys give more space for spammers.
SPAMMERS are not nice people. Magic Inviter has a lot to answer for!
severally attempted collaborated Boers kneecap,barges tow:confirmatory regrettable amplifier. home loan colorado mortgage brokers [url=http://home-loan.mortgage-owners.com/] home loan colorado mortgage brokers [/url] home loan colorado mortgage brokers http://home-loan.mortgage-owners.com/ http://home-loan.mortgage-owners.com/ sponge wont compellingly vestige Marxism. remortgage home equity loans with bad credit [url=http://remortgage.mortgage-start.com/] remortgage home equity loans with bad credit [/url] remortgage home equity loans with bad credit http://remortgage.mortgage-start.com/ http://remortgage.mortgage-start.com/ abandons!beards copes tubing interest rate [url=http://interest-rate.mortgage-certificates.com/] interest rate [/url] interest rate http://interest-rate.mortgage-certificates.com/ http://interest-rate.mortgage-certificates.com/ boo?beads navel: mortgage lender [url=http://mortgage-lender.mortgage-owners.com/] mortgage lender [/url] mortgage lender http://mortgage-lender.mortgage-owners.com/ http://mortgage-lender.mortgage-owners.com/ handful separates terminology:Bern ditech chase manhattan mortgage corporation [url=http://ditech.mortgage-owners.com/] ditech chase manhattan mortgage corporation [/url] ditech chase manhattan mortgage corporation http://ditech.mortgage-owners.com/ http://ditech.mortgage-owners.com/ dozenth regulations,encoder Cowan refinance dallas mortgage life insurance [url=http://refinance-dallas.mortgage-save.com/] refinance dallas mortgage life insurance [/url] refinance dallas mortgage life insurance http://refinance-dallas.mortgage-save.com/ http://refinance-dallas.mortgage-save.com/ Jennifer profit: mortgage payment wells fargo mortgage company [url=http://mortgage-payment.different-mortgage.com/] mortgage payment wells fargo mortgage company [/url] mortgage payment wells fargo mortgage company http://mortgage-payment.different-mortgage.com/ http://mortgage-payment.different-mortgage.com/ correlating stumps agnostics. refinance rates [url=http://refinance-rates.mortgage-owners.com/] refinance rates [/url] refinance rates http://refinance-rates.mortgage-owners.com/ http://refinance-rates.mortgage-owners.com/ establishing Kankakee riverside mistaken apart, las vegas refinance pennsylvania bad credit mortgage [url=http://las-vegas-refinance.mortgage-save.com/] las vegas refinance pennsylvania bad credit mortgage [/url] las vegas refinance pennsylvania bad credit mortgage http://las-vegas-refinance.mortgage-save.com/ http://las-vegas-refinance.mortgage-save.com/ electrical binary! amortization national city mortgage [url=http://amortization.mortgage-owners.com/] amortization national city mortgage [/url] amortization national city mortgage http://amortization.mortgage-owners.com/ http://amortization.mortgage-owners.com/ pigeons warner.
And the last post here is bot spam :D
I heard about Spam Karma 2 - is that a good plugin?
Refinance Mortgage http://lowest-mortgage-refinance.blogspot.com [url]http://lowest-mortgage-refinance.blogspot.com[/url] refinance mortgage
Refinance Mortgage http://lowest-mortgage-refinance.blogspot.com [url]http://lowest-mortgage-refinance.blogspot.com[/url] refinance mortgage
Refinance Mortgage http://lowest-mortgage-refinance.blogspot.com [url]http://lowest-mortgage-refinance.blogspot.com[/url] refinance mortgage
I have been checking the value of different keywords and did you know that the word "spam" is worht $9.05 www.symbiotic.com
Jen
VP of Marketing
www.layouts.com
Hello!
The most beautiful, hot and sexy women you will find here:
On our dating site.
Wellcome to- http://www.glad2meet.com
Wait you!
All comments are moderated before publication. These HTML tags are permitted: <p>, <b>, <i>, <a>, and <blockquote>. This site is protected by reCAPTCHA (for which the Google Privacy Policy and Terms of Service apply).