Comment form fakeout

by Michael Alderete on 3/13/2005 · 4 comments

When I converted this site to WordPress, I decided to turn on commenting, and see what happened. I have gotten a fair number of really good comments, and from people I didn’t know, which was cool. I also got a ton of comment spam (most of which never made it online). Not cool.

So I did a few things about it.

WordPress 1.5 has a number of new features that make dealing with comment spam a little easier, and I’ve adopted those, while also disabling all of the anti-spam plug-ins I had been using in WordPress 1.2. I also recently implemented some suggestions for making it a little harder for automated commenting, adopting a few of the ideas from A short monograph on the theme of blog comment spam, and a couple from Tom Raftery.

I had a problem with the fake form I implemented, because of a misplaced “%”, which caused it to show up and screw up the regular form. That’s fixed, and I think the fake form should be invisible to everyone using a modern browser.

Hard to say how effective it really is at this point, too soon to tell. But at least so far, no spam comments have been left since I implemented the changes and new traps.

Tom Raftery March 13, 2005 at 11:24 pm

Hi Michael,

thanks for the mention and good luck with your anti-spam strategies!

Tom

Brian Mikol March 14, 2005 at 1:56 pm

Yup, it looks like everything is working all peachy-like again. Now if I could remember which post I originally wanted to comment on and why…

Alderete March 14, 2005 at 9:07 pm

Tom: One of the tactics I adopted from your list was the short list of kill words for my black list. If people haven’t blacklisted “online poker”:http://en.wikipedia.org/wiki/Online_poker yet, they should. And at some point “poker”:http://en.wikipedia.org/wiki/Online_poker probably should be, too.

Here’s the “best response to poker spam”:http://www.threadwatch.org/node/1882 I’ve come across.

Tom Raftery March 15, 2005 at 11:56 pm

Hi Michael,

how’s the blacklist working out for you?

One of the tactics I used in creating the blacklist was to include periods after the words so I have spamword. instead of spamword - this will allow people to include the word poker in their comments without the comment being nuked (unless it is at the end of a sentence!) and will nuke comments with a link to http://www.spamword.tld

Tom

Comments on this entry are closed.

Previous post:

Next post: