More blog comment spam

It’s amazing: I have been running this blog for a few months, and while there are a few visitors, I don’t think anyone has mertner.com/allan as their home page 🙂

The people who visit the site the most are… spammers! I have tried to keep up with these by implementing various increasingly aggressive anti-spam measures, and the latest one is that users now have to type in a random string of letters shown in a picture in order to comment on a post. Thanks to gudlyf for his authimage plugin!

This is really annoying: how many people actually visit the online poker or viagra-selling sites because of a comment posted in my blog? I guess that if it didn’t create at least a few hits, they wouldn’t do it – but it still boggles the mind. To put the issue in perspective, there are perhaps 20 “real” comments on this site that have been left over the past few months (thanks!). But the site also get between 5 and 50 spam-comments every day: a noise-to-signal ratio of 100:1 or so.

Until now, standard anti-spamming measures (keyword matching, etc) has worked reasonably well, but in the past few weeks, a new type of spam has arrived where this just doesn’t work. The new approach is for the spammer to leave an innocent message such as “Very nice site you have here: good work” – and then put a link to his viagra- or poker-selling home page as an IP address.

Sigh. I hope this new mechanism helps keep the comment area reasonably clean. The main problem is that it doesn’t work for the visually impaired or people using text-based browsers. Sorry – I don’t know what to do about that…

2 thoughts on “More blog comment spam

  1. I do extremely well with the following combination (using WordPress):

    1. Spam Karma 2 plugin.
    2. Akismet plugin for Spam Karma (Akismet operate within Spam Karma and thus gives you one fewer admin screens to fiddle with)
    3. Bad Behavior plugin.

    Spam Karma alone actually does a very good job of keeping the spammers at bay, and the Akismet plugin just makes it that little bit better. The neat thing about Bad Behavior is that it blocks a lot (but not all) spambots before they ever actually reach your site, thus reducing overhead.

    In the last six months or so, I would estimate that only one spam comment has actually gotten through to my site. That’s pretty good, considering I used to get as many spam attempts as you describe here. (It’s been going down — perhaps all those “forbidden” returns from Bad Behavior are convincing the bots that the site is not there?)

Comments are closed.