[spam-stopper] Heavy attack
Eric A. Meyer
eric at meyerweb.com
Thu May 25 17:14:44 UTC 2006
At 11:47 PM -0300 5/23/06, Mariano Amartino - uberbin.net wrote:
>Hi there... I was wondering if im the only one being hit by a
>massive spam that skips "akismet"
>More than 1000 in a day (besides the ones that are being stopped by
>Akismet) and with
>keywords that are really "aggressive" I mean, credit, loan, etc.
Nope, you aren't the only one. I've been getting the same thing,
albeit at only about 100 a day getting past Akismet, not 1000.
Akismet still seemed to be stopping a few hundred a day. The ones
that made it onto meyerweb were similarly "aggressive", with all
kinds of really obvious spammish words like credit and phentermine,
and many with a whole bunch of links, despite my having long ago set
a "hold any comment with more than 5 links" option. I also noticed
that in every case, the missed spam had nothing for the posters'
email address, despite my having enabled the "must provide name and
email" option in WordPress. So it seemed that somehow the spammer
was able to slip past those WP options.
I also discovered after editing my comments template to remove the
textarea and submit button that I still got a few hundred pieces of
spam, both in the Akismet bucket and in my moderation queue. So
someone was hitting the post script directly, and not bothering to
load actual pages on my site to get the submission form. This makes
sense, although it's interesting since my WP installation directory
is very unusual, so any script that relied on '/wordpress' as the WP
directory would have silently failed.
Anyway, I hacked in some rudimentary steps to deny
direct-submission spam, and the amount of comment spam stopped by
Akismet and and showing up in my moderation queue fell off
dramatically. I haven't had any escape both yet, but then I haven't
had the new measures in place very long.
I don't know if the email-less spam that dodged Akismet was
direct-submission or not, but it makes a certain amount of sense.
Oh, and I'm using WP 1.5, just recently upgraded to 1.5.2. Don't
know if that should make any difference given what we're discussing,
but it seemed worth mentioning.
Eric A. Meyer (eric at meyerweb.com)
Principal, Complex Spiral Consulting http://complexspiral.com/
"CSS: The Definitive Guide," "CSS2.0 Programmer's Reference,"
"Eric Meyer on CSS," and more http://meyerweb.com/eric/books/
More information about the spam-stopper