ShareThis1 |
I've had a slew of comment spamming over the last two weeks, which is frustrating and is chewing up tons of my time. I'll make changes on my site to try to block the b@stard. |
2 |
A success is if I can totally block the spammers out. Runner-up is having only a few a day. |
3 |
I'll try it for a few weeks, or until I'm so angry I have to hire someone to do it. |
4 |
Hmm. *Beating* the son-of-a-gun! :-) And learning about myself and using it as an excuse to reflect about the world. |
Create an Experiment
Matthew Cornell
- Member Since
- 07/02/09
- About Lover of experimentation and leader of Think, Try, Learn, the scientific method for discovering happiness. Creator of Edison, the Think, Try, Learn experimenter's workbook. http://edison.thinktrylearn.com/ http://www.thinktrylearn.com/ http://www.matthewcornell.org/
- Web http://www.matthewcornell.org/
- Experiments 98
- Observations 1262
Comments & Observations
Matthew Cornell For the last week I've measured results from changing CAPTCHA to image, and requiring anonymous users (all of mine - I don't have accounts for readers) to preview first. Result: The person's still getting through. About 50-100 per /day/.
Jan 21, 2010
Matthew Cornell Side note: I've been reporting the spam to Internet Crime Complaint Center (http://www.ic3.gov/default.aspx) in hopes that the b@stards get some flak. For fun I tried automating the process (deletion and reporting) using the Firefox macro tool http://www.iopus.com/imacros/firefox. It works great in spite of some installation hiccups and imperfect (but still usable) UI. Still a ton of work.
Jan 21, 2010
Matthew Cornell I'm now trying blocking IP addresses of the spammers for a couple of days.
Jan 21, 2010
Matthew Cornell I wrote my Drupal guy, who suggested updating the modules (they are already up-to-date), upgrading to Drupal 6 (a HUGE amount of work that will probably break everything), adding free modules (http://drupal.org/project/recaptcha and http://drupal.org/project/spam), adding paid modules (http://drupal.org/project/akismet and http://drupal.org/project/mollom, both of which have free versions that would work for my use), and look at JavaScript solutions.
reCAPTCHA: Apparently not much better than built-in CAPTCHA, i.e., if my spammers get through now, they'll get through again.
http://drupal.org/project/spam: Mediocre reported results (http://www.centernetworks.com/mollom-spam-protection).
Mollom: Good reported results, created by Drupal creator. Doesn't work for this guy, though: http://aaronwinborn.com/blogs/aaron/continuing-good-fight-against-spam
Akismet: Good results, though maybe not for Drupal (http://www.centernetworks.com/mollom-spam-protection), and requires reviewing logs. [http://drupal.org/project/antispam: "Successor to the Akismet module", but version 5 only.]
Of those I'm leaning towards Mollom. Still scary installing Drupal modules, esp. without a test site, but I've done it before. DEC: I think I'll try Mollom next if the IP blocking doesn't work.
Jan 21, 2010
Matthew Cornell Continuing trying the IP blocking approach. The b@stard's adding as fast as I delete.
[update] "Simple IP-based throttling is ineffective against this spamming technique." Six Apart Guide to Combatting Comment Spam - http://www.sixapart.com/pronet/comment_spam
:-(
Jan 22, 2010
Matthew Cornell Well, I thought I'd blocked the sob, but today he's back in force. Time to take the next step. I'm leaning towards converting to http://disqus.com/, but that's a big step. Then again, so are Mollom and Akismet. Ideally I'd set up a test server...
Jan 23, 2010
Matthew Cornell Asked my blog readers (http://matthewcornell.org/2010/01/anyone-using-disqus-blog-comments.html) and got two responses so far: Askimet and Disqus (on http://www.desparoz.com/ and http://www.divingidc.com/news/).
Jan 24, 2010
Matthew Cornell Additional responses from above:
o Dave Winer at scriptingnews.com likes disqus
o use Mollom - easy to set up, works well (http://www.glennburks.com/blogs/glenn/drupal-comment-spam-solutions)
DECISION: I'll try Mollom. It looks easy to install, and doesn't change the current commenting system too drastically.
Jan 25, 2010
Matthew Cornell Hoo boy, I got nailed with thousands. Really pissing me off. I think that the image CAPTCHA + mandatory comment preview had helped. Turning back on. If I get one more set, I'll do Mollom. Bastards.
Jan 26, 2010
Matthew Cornell Mother-!@#$% is still spamming my site, and bringing down my server. Wishful thinking that he'll go away has not met reality. So: New project: Install Mollom. [later] Install done after about two hours (not pretty). I'm now kinda excited to see how well it works. They have a monitor page that shows a graph of ham vs. spam. I hope this blocks the bounder!
Jan 31, 2010
Matthew Cornell OK, the sob's at it again, and a dozen got through. New this time, though, is the ability to report them to Mollom as spam. I found a bulk way to do this, which helps. However, these are *obviously* spam comments - I'm disappointed they were false negatives. The question now is whether Mollom gets better, or whether I have to train it forever...
Jan 31, 2010
Brock Tice So, I'm not familiar with Drupal, but on WordPress I am able to require commentors to have a comment approved (tracked by email address, no accounts necessary) before their comments go through without moderation. This lets me approve obviously legit people and never worry about them again, while the obvious spam can pile up and now and then I delete it all / report it to Akismet. Is there a drupal option/plugin that will let you do that? Spammers seem to give up pretty quickly when they see that their comments don't get posted.
Feb 01, 2010
Matthew Cornell When I started blogging I decided not to require moderation (so to speak :-) It seemed like a pain. It's a good idea, though, given that I don't get many comments. I'll let the Mollom test continue, then try your back-to-basics idea, Brock. Thanks!
[Mollom update] Goddam Drupal! Now I'm not getting emailed notifications. Something broke, and it's not clear what did it - some optimizations I did, the Mollom installation, etc. I'm getting pretty close to switching to SquareSpace, which Liza loves, and which would support more experimentation.
Feb 01, 2010
Brock Tice They key point is that I only have to moderate legitimate users once. After that (if they use the same email address) their posts go through automatically.
Feb 04, 2010
Matthew Cornell Oh, I get it, Brock. Seems that Mollom is working great. http://www.flickr.com/photos/matthewcornell/4335066342/ . I'm finishing up the experiment. :-)
Feb 06, 2010
Brock Tice Excellent! Glad to hear you found something that works.
Feb 07, 2010
Matthew Cornell Interestingly, the spammers continue to spam, even though Mollom is doing a great job. The number of "ham" comments is pretty much zero, but I think that's a function of the content and audience itself, not of false positives. Overall, great choices, Mollom.
Feb 17, 2010