Attack of the spam
July 6, 2009 10:25 AM Subscribe
A particular post on my (wordpress) blog just got hit with over 10 spam comments in 3 minutes. I've disabled comments on that post for now, but what's going on?
These aren't the typical website-pimping viagra-toting comments - they're all along the same lines - for example "Thank you for this site, such as multi information! Thank you!", "Oh hell yeah", "nice post, thanks for sharing" etc. Also, the authors have similar sounding addresses - either host238-96-dynamic.16-87-r.retail.telecomitalia.it or 84.123.82.200.dyn.user.ono.com with different numbers at the beginning, sorry I don't know the correct terminology.
I have Akismet enabled and can't remember the last time it let through one spam comment, never mind 10 in the space of a couple of minutes..
Why is this happening, and what should I do about it?
thanks!
These aren't the typical website-pimping viagra-toting comments - they're all along the same lines - for example "Thank you for this site, such as multi information! Thank you!", "Oh hell yeah", "nice post, thanks for sharing" etc. Also, the authors have similar sounding addresses - either host238-96-dynamic.16-87-r.retail.telecomitalia.it or 84.123.82.200.dyn.user.ono.com with different numbers at the beginning, sorry I don't know the correct terminology.
I have Akismet enabled and can't remember the last time it let through one spam comment, never mind 10 in the space of a couple of minutes..
Why is this happening, and what should I do about it?
thanks!
Mark it as spam and see if it continues. Spammers know what gets caught and are finding ways around it.
Did they list a website? Because if you have names link to the website listed then it's still a link.
posted by theichibun at 10:46 AM on July 6, 2009
Did they list a website? Because if you have names link to the website listed then it's still a link.
posted by theichibun at 10:46 AM on July 6, 2009
Best answer: One reason (not the only one) why the comments may not appear to be spam in the usual sense is that they're testing your site to see if they can register and post comments, as well as creating accounts that they can use for spam later on. By creating the accounts in advance they bypass some of the more simpleminded security measures.
...basically, they've filed your site away in a config file that says "I have accounts on this site and I know I can spam it."
I've seen accounts created as far ahead as a year prior to being used, which is why I now proactively nuke any account which matches my rules for being a probable spambot, and simultaneously ban the relevant IP for an extended period (I don't care why a given IP turned into a bot-zombie, only that it did).
Disclosure: I take an extremely aggressive stance toward forum spam, but the site I control is for professional interaction, not the general public. Consequently I can get away with dropping the banhammer left & right, because the user base feels spam seriously detracts from their experience (ie., it's more than a mere annoyance).
posted by aramaic at 11:17 AM on July 6, 2009 [1 favorite]
...basically, they've filed your site away in a config file that says "I have accounts on this site and I know I can spam it."
I've seen accounts created as far ahead as a year prior to being used, which is why I now proactively nuke any account which matches my rules for being a probable spambot, and simultaneously ban the relevant IP for an extended period (I don't care why a given IP turned into a bot-zombie, only that it did).
Disclosure: I take an extremely aggressive stance toward forum spam, but the site I control is for professional interaction, not the general public. Consequently I can get away with dropping the banhammer left & right, because the user base feels spam seriously detracts from their experience (ie., it's more than a mere annoyance).
posted by aramaic at 11:17 AM on July 6, 2009 [1 favorite]
You could try mollom as an alternative and see if that is better.
posted by Brian Puccio at 2:15 PM on July 6, 2009
posted by Brian Puccio at 2:15 PM on July 6, 2009
Response by poster: Thanks everyone - I installed the WP-SpamFree plugin as it give the option to blacklist IP addresses (thanks aramaic!). I reactivated comments on the offending post, and no more spam has come through so far since. theichibun yes they did have links from their names! I didn't see that before.
thanks again!
posted by hibbersk at 10:19 AM on July 7, 2009
thanks again!
posted by hibbersk at 10:19 AM on July 7, 2009
« Older I'd pay like a million dollars for a simple pair... | What do you wish you would have known before you... Newer »
This thread is closed to new comments.
I had this happen to me about a year ago. Not sure if there is anything that you can do beyond these steps. Good luck!
posted by Hanuman1960 at 10:46 AM on July 6, 2009 [1 favorite]