Comment spam has gone totally out of control on this blog in the last week, with over 100 messages a day now. Kellan (who is trying to solve the same comment spam problem on the Movable Type platform) told me about Bad Behavior, a WordPress plugin that is aimed at:
The problem: Spammers run automated scripts which read everything on your web site, harvest email addresses, and if you have a blog, forum or wiki, will post spam directly to your site. They also put false referrers in your server log trying to get their links posted through your stats page.
As the operator of a Web site, this can cause you several problems. First, the spammers are wasting your bandwidth, which you may well be paying for. Second, they are posting comments to any form they can find, filling your web site with unwanted (and unpaid!) ads for their products. Last but not least, they harvest any email addresses they can find and sell those to other spammers, who fill your inbox with more unwanted ads.
and …
Bad Behavior was designed and built by watching actual spambots which harvested email addresses, posted comment spam, and used fake referrers. By logging their entire HTTP requests and comparing them to HTTP requests of legitimate users, it is possible to detect most spambots. Bad Behavior blocks spambots with a 412 error. It also has three configurable User-Agent lists for spambots and other malicious bots which actually identify themselves. Bad Behavior can use string matching or regular expression matching against a User-Agent.
I just installed the plugin, and I will update this post in a couple days with the results.
If you’ve posted a real comment lately, I’ve been pretty careful to scan all the spam and moderate/approve genuine comments. If your comment hasn’t shown up, and you feel up to it, you might repost now.
UPDATE 1: So far so good. Tom added a comment here (I had forgotten to re-enable comments on this post). Thanks for alerting me Tom, and people can now comment on this post.
UPDATE 2: Well, after 24 hours the report is a) that there are no downsides thus far, i.e. Bad Behavior hasn’t broken anything, but b) 37 pieces of spam came through last night, all pointing to one URL. This is a bit down from where it has been, and I’ve seen nothing since, so I chalk this up to some bot agent mutating enough to throw off the BB algorithm. I’ll continue to update.
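The kind of request screening the Bad Behavior description above outlines, sketched as an added example (not the plugin's code, which is PHP and not shown in this post): User-Agent lists checked by string and regular expression matching, plus a comparison of the request's headers with what a browser sends, answering 412 on a match. The list entries, the header heuristics, the names `check_request` and `triage`, and the sample requests are all assumptions constructed for illustration.

```python
import re

# Constructed sample lists; the plugin's real lists are not shown in the post.
UA_SUBSTRINGS = ["EmailHarvester", "LinkDropper"]    # plain string matching
UA_PATTERNS = [re.compile(r"^SpamBot/\d+", re.I)]    # regular expression matching


def check_request(method, headers):
    """Return (status, reason): 412 for a request judged to be a spambot, else 200."""
    # HTTP header names are case-insensitive, so normalise before lookup.
    h = {k.lower(): v for k, v in headers.items()}
    ua = h.get("user-agent", "")

    # 1. Bots that identify themselves: match the User-Agent against the lists.
    for needle in UA_SUBSTRINGS:
        if needle.lower() in ua.lower():
            return 412, f"user-agent contains {needle!r}"
    for pattern in UA_PATTERNS:
        if pattern.search(ua):
            return 412, f"user-agent matches /{pattern.pattern}/"

    # 2. Bots that pose as browsers: compare the request's shape with what a
    #    real browser sends (assumed heuristics for this example).
    if not ua:
        return 412, "missing user-agent"
    if ua.startswith("Mozilla/") and "accept" not in h:
        return 412, "claims to be a browser but sends no Accept header"
    return 200, "ok"


SAMPLE_REQUESTS = [  # constructed for this example
    ("GET", {"User-Agent": "Mozilla/5.0 (X11; Linux x86_64) Firefox/1.0",
             "Accept": "text/html"}),
    ("POST", {"User-Agent": "SpamBot/2.1"}),
    ("GET", {"User-Agent": "Mozilla/4.0 (compatible) EmailHarvester"}),
    ("POST", {"User-Agent": "Mozilla/4.0 (compatible; MSIE 6.0)"}),
]


def triage(requests):
    """Status code the filter would return for each (method, headers) pair."""
    return [check_request(method, headers)[0] for method, headers in requests]


if __name__ == "__main__":
    for method, headers in SAMPLE_REQUESTS:
        print(method, headers.get("User-Agent"), "->", check_request(method, headers))
```

A 200 here only means the request looked like a browser's, so spam that gets through, as in UPDATE 2, still needs comment moderation behind the filter.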
I just don’t understand why so many people don’t want to buy my texas hold’em viagra levitra home improvement mortgages for their flower gardens!
May your blog remain spam-free, but if it doesn’t, let me know.
Kewl blog you got goin on up here.
Peace, JiggyWittit