10001110100110101
..and do not come back any day!
I just another dozen or so spam messages overnight. I think what had protected me before was the two layer comment entry form which required the comment to be previewed before being entered into the system.
The funny thing is that all of the comments were for the same journal entry.
I will need to figure out a simple and quick way to foil these annoying spammers or I will be spending a lot of time cleaning up.
Wednesday, December 12, 2007 at 14:58:15 (UTC)
Have you checked the IP of the spammer? I'm just curious if it was all from the same machine or same top domain.
I'd guess that it's the same entry because it has been logged to appear for some keyword. I'm annoyed that it has the audacity to use a gmail e-mail address. The word "kyletur" appears to be Danish, or possibly a Danish typo.
Oh, and I suspect if you put a captcha on your form you will see the spams disappear. Even a static one (ie. always the same answer) can do the job.
Hwan
Wednesday, December 12, 2007 at 15:07:38 (UTC)
Heh, I was just looking into using CAPTCHA, but IP blocking would be a lot simpler. Unfortunately it is not the same top level domain. I do have other checks I may be able to use potentially, like the browser type.
Unfortunately, it does not seem to be an ideal check. I'll write something up.
QYV
Wednesday, December 12, 2007 at 17:17:20 (UTC)
I'm serious about using a static captcha by the way. Comment spam is due to someone having programmed a bot to look for specific form fields, so it's not surprising that this happened after you started using a popular comment engine. Anyway, the point is that no-one is going to bother changing their bot script to account for your captcha. I've seen a bunch of popular sites (notably Twenty Sided ) use a static captcha and it works for them. Lastly, this comment field is too small and claustrophobic, but I guess I'm not one to talk.
Hwan
Wednesday, December 12, 2007 at 19:01:17 (UTC)
This is one of the reasons I switched to WordPress.
You could probably avoid a lot of the spam, though, by adding a hidden, dummy fields that only bots would fill out and renaming your actual fields... Much less annoying than captchas.
Darcy
Wednesday, December 12, 2007 at 23:22:58 (UTC)
Hmm, that's a good idea. I'll see if I can try it out when I get the time..
QYV
Thursday, December 13, 2007 at 04:20:41 (UTC)
I had to get rid of yet more spam comments, but I slightly altered the code. Hopefully this will work better?
QYV