Stories
Slash Boxes
Comments
NOTE: use Perl; is on undef hiatus. You can read content, but you can't post it. More info will be forthcoming forthcomingly.

All the Perl that's Practical to Extract and Report

use Perl Log In

Log In

[ Create a new account ]

Journal of babbage (2619)

Sunday January 23, 2005
07:17 PM

Anti-blog spam efforts

[ #22853 ]

So, anecdotally, it looks like Google's anti-blog-spam campaign may be working. A handful of easy changes to my home blog seems to have helped tremendously:

  • I looked over Google's plan, and Movable Type's recommendations.
  • I added the Movable Type implementation of the "nofollow" plugin
  • I renamed all the MT CGI scripts so that spammers have to actually look to find the comment URL.
  • I added a new script at the old comment & trackback URL:

    #!/usr/bin/perl -wT
    print "Content-type: text/plain\n\n";
    1

  • After noticing that the spammers all seem to have a referer of "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.2; .NET CLR 1.1.4322)", I added the following code to the comment script:

    sub squash_spammers {
        my $agent  = $ENV{'HTTP_USER_AGENT'} ||= "";
        my $referer = $ENV{'HTTP_REFERER'} ||= "";
        if ( ( $agent =~ m/NET CLR 1.1.4322/ ) ||
             ( $referer =~ m@\.info/$@ ) )
        {
          # print "Content-type: text/plain\n\nsorry\n";
            die "Sorry, this is a spam-free zone. $!";
        }
        return;
    }

    This is now called in the eval block that does the rest of the work for the comment script, so attempts to spam me automatically fail. If I need to add more criteria, I can hook them in as needed, but these two rules seem to have caught everything so far.

Since making these changes, things have gotten much better. I've had no comment spam this week (usually, a handful makes it past the comment spam plugin), and more strikingly, the amount of referer traffic -- requests for random URLs with referer fields like "http://buy-zanax-online.best-buy-site-4u.info" -- has almost, if not quite entirely, disappeared. This is wonderful.

We'll see how well it's working a month from now though ...

The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
 Full
 Abbreviated
 Hidden
More | Login | Reply
Loading... please wait.