Comments on: They Found Me!
http://isaacschlueter.com/2005/10/they-found-me/
Just slightly more than my twitter stream.
Fri, 20 Nov 2015 19:12:40 +0000

By: Isaac
http://isaacschlueter.com/2005/10/they-found-me/#comment-241
Thu, 06 Oct 2005 16:19:51 +0000

kwa,

I’ve only seen one blog with time-limited, dynamic, client-side trackback address generation. Needless to say, the blogger was seriously involved in the spam fight.

The Spam Karma plugin for WordPress (http://unknowngenius.com/blog/wordpress/spam-karma/) fights all manner of comment/tb/pb spam *incredibly* effectively, with:

1. User level check (to auto-approve logged in users over a certain level)
2. Blacklist (IPs and referrers)
3. Link Counter (large number of links = more likely a spammer)
4. JavaScript client-side payload for comments.
5. Encrypted payload in comment form.
6. Entities Detector (checks for invalid HTML entities that spammers use to get around checks.)
7. Trackback/pingback referer check
8. Snowball check (regular commenters are less likely spammers, new commenters are kept on watch.)
9. Post Age (old posts are more likely to be spammed)
10. RBL Check (spams coming from IPs in Real-time Blacklists)
11. Captcha, but only required for comments that look spam-ish.

Each check adds to or subtracts from the comment’s “Karma”. If the karma is > 0, then it goes to “paradise” - it is approved, and you don’t have to do anything. If the karma is between -6 and 0, then it is held in “purgatory” to be approved or deleted. Comments with karma below that value are automatically sent to “hell”, and don’t show up except in the spam harvest. (They can still be recovered, but they’re nicely hidden away.)

Another plugin, Referrer Karma (http://unknowngenius.com/blog/wordpress/ref-karma/), works in much the same way, and can integrate with Spam Karma’s blacklist.

This modular approach is, in my opinion, the *only* way to effectively combat blog spam. Other GPL blog tools would benefit greatly from porting these plugins rather than spending time attempting to do the same things.

So far, I haven’t had a single false positive, and I also have been able to let comments show up right away rather than moderating every one.

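The scoring scheme Isaac describes (independent checks that each add to or subtract from one score, then three thresholds that decide where the comment lands) is worth seeing as code. The block below is an added illustration written for this page; it is not Spam Karma's code. Only the thresholds (above 0 is paradise, -6 to 0 is purgatory, below -6 is hell) and the names of the checks come from the comment; the weights, the `Comment` fields, the blacklist entries and the sample comments are constructed for the example, and the RBL lookup is a stand-in flag rather than a real DNS query.

```python
import html
import re
from dataclasses import dataclass
from typing import List, Tuple

PARADISE, PURGATORY, HELL = "paradise", "purgatory", "hell"
PURGATORY_FLOOR = -6  # from the comment: -6..0 is held, below that is hidden


@dataclass
class Comment:
    body: str
    user_level: int = 0          # 0 = not logged in (constructed convention)
    ip: str = "198.51.100.7"     # RFC 5737 documentation address, constructed
    referrer: str = ""
    prior_approved: int = 0      # comments by this author already approved
    post_age_days: int = 0
    js_payload_ok: bool = False  # client-side JS token came back intact
    ip_on_rbl: bool = False      # stand-in for a real-time blacklist lookup


# Constructed blacklist entries, purely for the example.
IP_BLACKLIST = {"203.0.113.9"}
REFERRER_BLACKLIST = {"spam.example"}

ENTITY = re.compile(r"&#?[A-Za-z0-9]+;")
LINK = re.compile(r"https?://", re.IGNORECASE)


def invalid_entities(text: str) -> int:
    """Count entity-looking tokens that html.unescape does not recognise.

    '&amp;' decodes to '&' and is fine; '&zzz;' comes back unchanged and is
    the kind of bogus entity used to slip words past a naive word filter.
    """
    return sum(1 for m in ENTITY.finditer(text)
               if html.unescape(m.group()) == m.group())


def score(c: Comment) -> Tuple[int, List[str]]:
    """Sum the per-check adjustments. Weights are made up for this example.

    Check 7 (trackback/pingback referer) is omitted because it applies to
    trackbacks, not to ordinary comments.
    """
    karma, why = 0, []
    if c.user_level >= 2:                                        # 1. user level
        karma += 10; why.append("trusted user")
    if c.ip in IP_BLACKLIST or c.referrer in REFERRER_BLACKLIST:  # 2. blacklist
        karma -= 10; why.append("blacklisted")
    links = len(LINK.findall(c.body))                            # 3. link counter
    if links > 2:
        karma -= 2 * (links - 2); why.append(f"{links} links")
    karma += 2 if c.js_payload_ok else -2                        # 4./5. payloads
    bad = invalid_entities(c.body)                               # 6. entities
    if bad:
        karma -= 5; why.append(f"{bad} invalid entities")
    if c.prior_approved >= 3:                                    # 8. snowball
        karma += 3; why.append("regular commenter")
    elif c.prior_approved == 0:
        karma -= 1; why.append("first comment")
    if c.post_age_days > 90:                                     # 9. post age
        karma -= 2; why.append("old post")
    if c.ip_on_rbl:                                              # 10. RBL
        karma -= 6; why.append("IP on RBL")
    return karma, why


def verdict(karma: int) -> str:
    """Map a karma value onto the three buckets from the comment."""
    if karma > 0:
        return PARADISE
    if karma >= PURGATORY_FLOOR:
        return PURGATORY  # 11. the only bucket where a captcha would be asked for
    return HELL


def classify(c: Comment) -> Tuple[int, str, List[str]]:
    karma, why = score(c)
    return karma, verdict(karma), why


# Constructed sample comments: a regular, a newcomer, and an obvious spam.
SAMPLES = [
    Comment("Thanks, that list matches what I see too.",
            prior_approved=5, js_payload_ok=True),
    Comment("Nice post, see http://example.com/notes"),
    Comment("Cheap &zzz; pills http://a.example http://b.example "
            "http://c.example http://d.example",
            post_age_days=200, ip_on_rbl=True),
]

if __name__ == "__main__":
    for c in SAMPLES:
        karma, where, why = classify(c)
        print(f"{karma:4d} -> {where:9s} {', '.join(why)}")
```

The point of the structure is that no single check decides anything: a first-time commenter with a link is merely held, while the same link count combined with an RBL hit and a bogus entity drops straight into hell. Tuning the weights is where the false-positive rate lives, which is why Isaac's remark about zero false positives is the interesting claim.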
By: kwa
http://isaacschlueter.com/2005/10/they-found-me/#comment-239
Thu, 06 Oct 2005 08:19:29 +0000

The easiest way to spam a blog is to referrer-spam it. The main issue is that most blogs do not publish their statistics. Does that matter? Not a lot. A lot of bloggers check their stats and check the referencing pages. If they link one’s blog, one is curious who’s linking it, isn’t he/she? That also makes hits, and referrer spamming is cheap enough, so why stop spamming that way?

Moreover, if your blog does not publish your stats, your host might be publishing them. Mine publishes all the stats of all the hosted sites. I can’t convince him to remove them, even after explaining my “security by obscurity” concerns. (Yes, I’ve left a security hole in a script whose address I’ve never published for a couple of days, and someone or some robot found it… removing some data files…)

The second easy way to spam blogs is sending trackbacks. I don’t even see why spammers use comment spam, since trackbacks appear to be cheaper to do and more difficult to fight. I’ve only seen one blog with time-limited, dynamic, client-side trackback address generation. Needless to say, the blogger was seriously involved in the spam fight.
