{"id":215,"date":"2003-10-12T00:12:49","date_gmt":"2003-10-12T00:12:49","guid":{"rendered":"0"},"modified":"2006-09-28T12:08:23","modified_gmt":"2006-09-28T12:08:23","slug":"dealing_with_co","status":"publish","type":"post","link":"https:\/\/marcdanziger.com\/?p=215","title":{"rendered":"Dealing With Comment Spammer Infestations"},"content":{"rendered":"<p><font size=\"1\" color=\"#FF0000\">(Oct. 14th Update: <a href=\"http:\/\/windsofchange.net\/archives\/004158.html\">MT-Blacklist has arrived<\/a>!)<\/font><\/p>\n<p>&#8230;our comments are being porn-spammed (at Armed Liberal as well, and I&#8217;ll be emailing some other blogs to see if they&#8217;ve been hit as well). We&#8217;re cleaning it up as fast as we can, but we&#8217;ve been hit by a series of spams from a Russian porn site. The last one appears to have left several hundred comments, and additional mutations are possible. So far we&#8217;ve seen &#8220;Lolita,&#8221; &#8220;Preteen,&#8221; and &#8220;Underage&#8221;. <a href=\"http:\/\/nielsenhayden.com\/makinglight\/archives\/003775.html\">Teresa Nielsen Hayden has more info. on the spammers<\/a>, Scriptygoddess has <a href=\"http:\/\/www.scriptygoddess.com\/archives\/004325.php\">a slew of admin. options<\/a> for you, and Burningbird has a <a href=\"http:\/\/weblog.burningbird.net\/fires\/000638.htm\">fairly simple way to make it harder for spammers<\/a> next time (Hat Tip: <a href=\"http:\/\/blog.davidjanes.com\">David Janes<\/a>).<\/p>\n<p><b>JK:<\/b> It&#8217;s an organized effort&#8230; was highly ranked at Blogdex.net a couple days ago, but I think they&#8217;ve put in filters. <a href=\"http:\/\/www.jayallen.org\/journey\/2003\/10\/mtblacklist_monday_hell_or_high_water\">We may do the same soon<\/a>, and meanwhile I&#8217;ve disabled all comments. We&#8217;ve also got a Swedish neo-nazi group that hangs out here and occasionally posts long rants. 
If you want to see an example, do a search for &#8220;Conspiracy and Truth Week&#8221; because I delete it everywhere else.<\/p>\n<p>Re: the comment spams&#8230; why does this matter? And what can be done? This matters because if pornospams et al. are left unchecked, they will significantly impair the entire weblogging community &#8211; not just by killing comments as a normal blog feature, but by triggering automated filtering software at some workplaces once they notice all the porno links. What do we need to prevent that? Software, and support.<\/p>\n<p><b>Software:<\/b> Yoz Grahame&#8217;s Cheerleader has a very intelligent set of suggestions, in &#8220;<a href=\"http:\/\/cheerleader.yoz.com\/archives\/000849.html\">7 Tips for a spam-free blog<\/a>&#8220;. The article addresses tools vendors as well, which I especially appreciate. It also references Mark Pilgrim&#8217;s outstanding overview of <a href=\"http:\/\/diveintomark.org\/archives\/2002\/10\/29\/club_vs_lojack_solutions\">Club vs. LoJack solutions<\/a>, which is finally available again after going down yesterday. If you&#8217;re looking for serious long-term thinking about how our tools need to evolve and what we need to do, Mark&#8217;s piece can&#8217;t be beat. Though <a href=\"http:\/\/weblogging.forpoets.org\/archives\/001895.htm\">Shelley has a good one<\/a>, with some worthy cautions about trust networks and smart feature requests.<\/p>\n<p>Roald and Macdonald have an <a href=\"http:\/\/www.gungeralv.org\/notes\/archives\/000561.php\">Open Letter to Google<\/a> which is very much on point. We all have a mutual interest in stopping this, and working together from both ends just makes sense.<\/p>\n<p>I&#8217;ll add another thought. Not only do we need <a href=\"http:\/\/www.jayallen.org\/journey\/2003\/10\/mtblacklist_monday_hell_or_high_water\">MT-Blacklist<\/a>, <b>we also need a clean-up utility<\/b>. 
One that looks in the comments for the &#8220;URL&#8221; field, and when it finds a match with our ban list (or even a specific entered value for v1.0), it collects that comment and presents us with a &#8220;Power Edit&#8221; list that allows us to delete comments in batches of 25-100 at a time. When we&#8217;re done, one site rebuild would allow us to have a completely clean blog.<\/p>\n<p><b>Support:<\/b> In addition, hosting providers have to get smarter. Tens or hundreds of weblogs rebuilding hundreds of entries will have the same effect on their servers as a denial-of-service attack. Comment spam should therefore be treated like one. For starters, hundreds of incoming data posts from the same IP ought to raise a red flag and cause diversion or access denial.<\/p>\n<p>Meanwhile, our provider at <a href=\"http:\/\/Bloghosts.com\">Bloghosts.com<\/a> has already moved to firewall out the following netblocks from their servers: 209.120.176.0\/24 and 62.42.228.0\/24. This will help for now, but over the long term they may want to consider an add-on service. It would include installation of MT-Blacklist, configured to draw from a central blacklist hosted and updated by bloghosts.com themselves, plus renamed CGI submission scripts in their MT (Movable Type) installations to make blogs they host a lower-profile target. The Cadillac option could even include an upgraded Host-specific MT package with a full-fledged spamtrap configuration.<\/p>\n<p>That would be a substantial draw for many bloggers, I think, who would gladly pay additional fees for services that take this problem off their hands.<\/p>\n<p>This much I do know &#8211; we&#8217;ll need these measures sooner rather than later. Preteen, Lolita and the spawn were just the beginning. There&#8217;s no reason these attacks couldn&#8217;t be scaled to add <i>hundreds<\/i> of comments to each weblog, and no reason why they wouldn&#8217;t be. 
Brace yourselves, because you ain&#8217;t seen nothing yet.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>We&#8217;ve been hit by the Lolita comments spam, and there&#8217;s also a Swedish neo-nazi spammer at work. We&#8217;ve got a full rundown on the problem, a report detailing how dealing with it&#8230; and some suggestions on how we can spam-proof all of our blogs.<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[],"tags":[],"_links":{"self":[{"href":"https:\/\/marcdanziger.com\/index.php?rest_route=\/wp\/v2\/posts\/215"}],"collection":[{"href":"https:\/\/marcdanziger.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/marcdanziger.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/marcdanziger.com\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/marcdanziger.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=215"}],"version-history":[{"count":0,"href":"https:\/\/marcdanziger.com\/index.php?rest_route=\/wp\/v2\/posts\/215\/revisions"}],"wp:attachment":[{"href":"https:\/\/marcdanziger.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=215"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/marcdanziger.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=215"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/marcdanziger.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=215"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}