Skip navigation

Comment Spam: Vengeance is Theirs and Mine

It seems as though comment spammers are having a field day. In the past 24 hours, this WordPress.com blog has been hit by hundreds and hundreds of comment spam. Lovely drugs, mortgages, real estate, casinos, and penises. Reports are coming in on the WordPress Support Forum and WordPress.com support forum that blogs are being hit left, right and sideways by comment spam robots.

According to Akismet’s site:

30,946,873 spams caught so far
1,985,833 so far today

For the most part, , the spam catcher for WordPress.com and many WordPress blogs, has caught most of them. A few have slipped through though. Bad Behavior and Spam Karma are keeping the comment spammers completely away from my full version WordPress blogs.

If you have a WordPress blog and are not on WordPress.com, I recommend you take the following steps immediately to protect your blog against comment spam now. Don’t wait:

  1. Install Spam Karma WordPress Plugin or .
  2. Install Bad Behavior WordPress Plugin, the comment spam prevention.
  3. Sit back and watch as comment spam goes bye-bye and nuke the few that sneak past your arsenal.

As for those not using WordPress, I hope your blogging tool’s defenses are up and active.

NOTE: While writing this post, 242 comment spam struck my blog. All were caught, save one. Good work, Akismet!

Related Articles


Site Search Tags: , , , , , , , , , , , , , , ,
Copyright Lorelle VanFossen

6 Comments

  1. Posted May 18, 2006 at 5:49 pm | Permalink

    Hey, don’t forget to mention I’m trialling Bad Behavior 2, which is proving far more effective than Bad Behavior 1 so far. Akismet is bored again.

  2. Posted May 18, 2006 at 7:22 pm | Permalink

    Michael, I’m using Bad Behavior 2 on two of my full version WordPress blogs and it is amazing. Slam dunk on comment spam. You know that I work with Spam Karma and Bad Behavior and before uploading the new version of Bad Behavior, my main site was getting 20-80 comment spam a day. All caught, but still needing deleting through Spam Karma. After installing Bad Behavior 2 (beta), it is down to 0-3 a day that get through and caught by Spam Karma.

    I’d say you two make a lovely couple. ;-)

    Thanks for making such an incredible product. I’m really proud of what you’ve done and you should be, too. Cutting edge stuff!

  3. Posted May 18, 2006 at 9:29 pm | Permalink

    Maybe I don’t understand something about site spam (wouldn’t surprise me–it’s not my area of complete understanding, admittedly), but I’ve always been curious as to how Bad Behavior and a multitude of other plugins can tell me they’re blocking millions, when, upon their deactivation, I only deal with 20 or so a day. Am I missing something? Are they blocking IP addresses as well, not just comment spam?

  4. Posted May 19, 2006 at 12:38 am | Permalink

    While Michael and Dr. Dave (Spam Karma) can give you a much better explanation than I can, this is what I know.

    WordPress comes built-in with some comment spam detection, such as more than two or three links in a comment or keyword matches to known spam words. Out of the box, it does a fairly good job, but can’t hold up against a massive onslaught such as most of us experienced today. It needs a little help.

    Spam Karma, like Akismet, also tests comments. They run them through a checks and balances filter, using a variety of techniques from IP addresses to keywords, and make a decision on what is a legitimate comment and what is comment spam, including how the comment arrived, how many posts were hit with comments at the same time or within the same time period, and more. Comment spammers tend to work in only a few ways, and once you determine their pattern, you can easily put a stop to their evil ways.

    Bad Behavior is different. According to Michael Hampton, it “gives the finger to comment spam before it gets in the door”. Comment spammers use bots to circle the web looking for easy access. Their IP addresses and bot codes are recognized when they come knocking so they are not allowed even to access your site. Stopped in their tracks, for lack of better techno-jargon.

    Using the two together, what slips through Bad Behavior, which is not much now with the new version, gets caught by Spam Karma. It ends up in the list of caught comment spam so the paranoid webmasters, like me, can check to see if it is really working right and nothing “good” gets caught. A few do, when people use more than two or three links, or if the comment spammers have gotten a little smarter than comment spam catching tools. For the most part, just about everything gets caught. You can also set the settings to automatically delete everything Spam Karma catches, but I’m not ready to trust all my comments to a program. So I learn to look and delete.

    Honestly, how do you keep out innocent looking comments like “Good point. Thanks for your opinion.”? Or “I like what you have to say, I’m going to recommend your site to my friends.” Most of these are now being caught, but it took a long time to spot the evil casino site in the comment’s URL. Spam Karma and Bad Behavior now recognize most of these evil comment spams and grab them before they can pollute your blog.

    Not all blogs are slapped all the time by comment spammers. I’ve gone a month or two without nary a comment spam or 20. I started to relax, thinking they had finally gotten the clue and given up. NOT. Today is a prime example. Flood the blogosphere with millions of comment spam and some will get through. And they do. Luckily, I got the tools to stop them in their tracks.

    Another method for stopping comment spam are “captchas”, the “answer the question before you are allowed to post”. Spam Karma has a feature that will automatically offer up a captcha if there is some doubt about the quality of the comment at the time of posting. If it doesn’t respond right, then it is toast.

    Personally, I hate captchas. I hate the waste of time of them. Often I can’t read them, or don’t know if capitalization matters or not, and if it borks, which they do even when I think I’ve done it right, most of the time the comment is lost and has to be typed again. On one blog I posted my comment 4 times and each time the captcha failure threw it out. After the 5th time I sent an email to the blog’s owner with my comment, explaining that the captcha thing just wasn’t working. Painful. But I was determined. Usually I’m not.

    Blogs are brilliant for discussions and conversations through comments. So let nothing get in the way of my comments! ;-) But comment spammers, die a painful, agonizing death and stop doing it. It doesn’t work. Get a clue!

    And if it works on your blogging tool, then get rid of that or find some better comment spam protection. There are no excuses today, with all the brilliant minds like Hampton and Dr. Dave, to suffer with comment spam. The more everyone stops it in its tracks, the less power it has and the less money they make and exposure they get. They will learn, but we have to do the work to teach them. And support legislation to fry their butts!

  5. Posted May 19, 2006 at 5:05 am | Permalink

    I hate captchas to the core, I hate anything to do with Image verification as it retards users… And Akismet pwns, without it I would be nowhere now.

    Hmm…I didn’t have much of an attack.

  6. Posted May 19, 2006 at 9:14 pm | Permalink

    Akismet is the Way, The Truth, The Light, The Life. I wrote a small tutorial about it a few weeks ago, it must be shared. (of course it means my readers will remain poor, with small penises and lacking sexual stamina, but that’s life)


8 Trackbacks/Pingbacks

  1. [...] Usually when I look at the number of spam comments that Akismet has caught on my site, it hovers around 80ish. Since yesterday, the number has grown to 550 or so. Whoa! There seems to be some effort going on that is targeting wordpress blogs. Lorelle posted that she not only has seen it on her site, but links to the wordpress forums where others are saying similar things. [...]

  2. [...] I wrote a few days ago about the massive comment spam attack on WordPress blogs, especially WordPress.com blogs, and how for the most part, Akismet was catching all the evil comment spam. [...]

  3. [...] Update 2: I’ve decided to take Lorelle’s advice and install Bad Behaviorr on TiVoBlog.  I had installed it once before however, I uninstalled it because people were saying that they were being denied access to the site.  I’m going to try it again simply because it is a pain in the a$$ to have to screw around with all this spam…..  Hopefully nobody will be wrongfully denied access to the site . [...]

  4. [...] Comment Spam: Vengeance is Theirs and Mine [...]

  5. [...] Comment Spam: Vengeance is Theirs and Mine [...]

  6. [...] Comment Spam: Vengeance is Theirs and Mine [...]

  7. […] Comment Spam: Vengeance is Theirs and Mine […]

  8. […] Comment Spam: Vengeance is Theirs and Mine […]

Post a Comment

Follow

Get every new post delivered to your Inbox.

Join 21,177 other followers

%d bloggers like this: