[wp-hackers] Simple comment spam experiment
code.prole at gmail.com
Wed Apr 16 15:57:17 GMT 2008
On Apr 16, 2008, at 10:25 AM, Matt Mullenweg wrote:
> From 2002:
> "The really interesting thing about these approaches, from a game
> theory perspective, is that they are all Club solutions, not Lojack
> solutions. There are two basic approaches to protecting your car
> from theft: The Club (or The Shield, or a car alarm, or something
> similar), and Lojack. The Club isn’t much protection against a
> thief who is determined to steal your car (it’s easy enough to
> drill the lock, or just cut the steering wheel and slide The Club
> off). But it is effective protection against a thief who wants to
> steal a car (not necessarily your car), because thieves are
> generally in a hurry and will go for the easiest target, the low-
> hanging fruit. The Club works as long as not everyone has it, since
> if everyone had it, thieves would have an equally difficult time
> stealing any car, their choice will be based on other factors, and
> your car is back to being as vulnerable as anyone else’s. The Club
> doesn’t deter theft, it only deflects it.
> "Similarly, installing a secret form field on your comment form
> will stop spammers from spamming your comments, until enough people
> do that that it’s worth the spammer’s time to upgrade their
> scripts. Ditto referer hacks (just set the referer); ditto
> registration schemes (just auto-register); ditto time limits (just
> hit each weblog sequentially). Ditto ditto ditto."
What I notice about the majority of my comment spam is that it
typically includes dozens of links and line breaks (carriage
returns). Being new to PHP, I don't (yet) know how to write a simple
routine to examine each comment (using regular expressions, perhaps?)
to simply not accept any that have more than a configurable number of
links and/or carriage returns.

I realize that Akismet is already trapping those with more than a set
number of links, but I want to trash those with, say, more than 5
links total; not even pass them to Akismet.

Beyond that I think a layered approach is best. Renaming the comment
form (perhaps having a configuration option to do that in WP?),
using a nonce, examining comment contents for number of links and/or
carriage returns, requiring previews and IP matching the post with
the preview, et cetera.

My tiny little site gets only a handful of comment spam daily, so
far, but I am eager to find a solution that will grow with my site's
ever increasing spam counts.

coding for the proletariat since 1976
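
The link and line-break check asked about in the message above, as an added example that is not part of the original post and is not WordPress or Akismet code. The `cs_` names, the limit of 30 line breaks, and the choice to refuse the comment with `wp_die()` from a `preprocess_comment` filter at priority 0 are assumptions.

```php
<?php
// Added example; names prefixed cs_ and both limits are hypothetical.
const CS_MAX_LINKS  = 5;   // "more than 5 links" from the post
const CS_MAX_BREAKS = 30;  // assumed limit; the post gives no number

// Count each <a>...</a> element once, then bare URLs left outside anchors,
// so a link whose visible text is its own URL is not counted twice.
function cs_count_links(string $text): int {
    $rest = preg_replace('~<a\b[^>]*>.*?</a>~is', ' ', $text, -1, $anchors);
    if ($rest === null) { $rest = $text; $anchors = 0; } // PCRE error: count raw URLs
    return $anchors + (int) preg_match_all('~(?:https?://|\bwww\.)[^\s<>"\'\]]+~i', $rest);
}

// Treat \r\n, \r and \n as one line break each.
function cs_count_breaks(string $text): int {
    return substr_count(str_replace(["\r\n", "\r"], "\n", $text), "\n");
}

// Returns a reason string when the comment should be refused, else null.
function cs_rejection_reason(string $text): ?string {
    $links  = cs_count_links($text);
    $breaks = cs_count_breaks($text);
    if ($links > CS_MAX_LINKS) {
        return "too many links ($links)";
    }
    if ($breaks > CS_MAX_BREAKS) {
        return "too many line breaks ($breaks)";
    }
    return null;
}

if (function_exists('add_filter')) {
    // Inside WordPress: priority 0 runs ahead of filters added at later priorities.
    add_filter('preprocess_comment', function (array $commentdata) {
        $reason = cs_rejection_reason($commentdata['comment_content'] ?? '');
        if ($reason !== null) {
            wp_die('Comment rejected: ' . esc_html($reason), '', ['response' => 403]);
        }
        return $commentdata;
    }, 0);
} else {
    // Stand-alone run on constructed sample comments.
    $samples = [
        'ok'    => "Nice post, see http://example.org/a for more.",
        'links' => str_repeat('<a href="http://example.com/x">http://example.com/x</a> ', 6),
        'lines' => "buy" . str_repeat("\r\n", 31) . "now",
    ];
    foreach ($samples as $name => $body) {
        echo $name, ': ', cs_rejection_reason($body) ?? 'accepted', "\n";
    }
}
```

Run from the command line, the constructed samples report `accepted`, `too many links (6)` and `too many line breaks (31)`.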