PDA

View Full Version : Blog Spammed



Infanteer
01-12-2010, 03:06 AM
Looks like the blogs were spammed by some company selling "Uggs" and will require a bit of cleanup. If the deal is right, I may get some uggs for my daughter before you take the posts down....

Infanteer

Schmedlap
01-12-2010, 03:46 AM
I'm boycotting.

SWJED
01-16-2010, 06:58 PM
Yep. Every morning like clockwork the ugg spammers show up and I delete their comments.

Schmedlap
01-16-2010, 07:08 PM
Is there a way to deny posts from certain IP addresses or deny certain URLs from being posted?

marct
01-17-2010, 02:44 PM
Is there a way to deny posts from certain IP addresses or deny certain URLs from being posted?

There are several ways to do it, but none are 100% effective. I'm using one of the better ones on my own blog which stops about 150-200 spams a day, but I still have to manually delete 2-6 per day.

SWJED
01-17-2010, 03:27 PM
Right now it is manageable - we are down to about 20 or so a week and it isn't hard for me to have them deleted in a relatively short period of time.

William F. Owen
01-17-2010, 03:50 PM
I keep getting spammed by people offering to enlarge my penis. Quite frankly, if anyone comes across anyone offering reduction, please let me know.... :wry:

Eyh.... I kill me!

Schmedlap
01-17-2010, 04:54 PM
There are several ways to do it, but none are 100% effective. I'm using one of the better ones on my own blog which stops about 150-200 spams a day, but I still have to manually delete 2-6 per day.

I've had good success with the following...

1) It's probably not ideal for SWJ, but to reduce my "cyber footprint" for spam searchers, I set my robots.txt file to...


User-Agent: *
Disallow: /I still show up first in any Google search for "Schmedlap" (a common search term, I'm sure!). But, I don't think most people have much luck in searching my site for content (what little there is). Works for me because I don't need the site to generate revenue because my expenses are cheap.

2) My code is written by me. Being an amateur, it is surely convoluted. I have seen strings of literally hundreds of log files where spammers (most likely from foreign countries) clearly were not reading the instructions and couldn't figure out how to post their spam (hint: check the box that says "submit without previewing"!)

3) I only allow a few specific HTML tags. Surprisingly, even after I permitted the anchor tag, most of the spammers tried some other goofy syntax to link to their (DVDs/footwear/porn/malware/etc) and it merely posted as plain text (after they made several go arounds with my convoluted code). They were quickly discouraged and stopped after two spam posts.

Good point on the IP address. The two spam posts that got through were identical, but one was from China and the other from Argentina, so I'm guessing they were masking/impersonating IP addresses.

Thus far, I've had only two spam posts, but many hundreds of attempts. And that's without asking for anyone's email address or requiring anyone to register. I teh rulz!

Schmedlap
01-18-2010, 03:44 PM
Okay, some wise guy just read my last comment.

SWCAdmin
02-08-2010, 05:25 PM
Late to this thread, and strictly amateur myself, but on the basis of advice from others smarter our system picks up a lot. FYI:



We have a decent long list of denys in .htaccess
Robots.txt is nice but only responsible robots read it
God only knows how much those two deny
1,000+ crap comments a day leak through those two above on the Blog, etc.. Looking at the logs, rarely < 1/min. Most of those are throttled by basic measures before they even get to the junk-o-lator, which then picks up most of the rest. Some of which are ID'd by repeat offender IP. Still a handful of comments need manual intervention.
Things are a lot tighter on SWC, but still some leakers. We are blessed with some very active moderators here in the forums.


Any more serious lock-down winds up locking out responsible users. Like our old foray with TypeKey. We still need to update a lot, but we plod along in a semi-functional way. C'est la e-vie.

selil
02-08-2010, 09:37 PM
Any more serious lock-down winds up locking out responsible users. Like our old foray with TypeKey. We still need to update a lot, but we plod along in a semi-functional way. C'est la e-vie.

Once again you got it one. I'm putting you in for the vBulletin spam sniper award. Multiple levels of captcha's, IP deny tools (I've got one list with 100K spam bot IP's), and much more get pretty much all of it. You've likely hit the perfect balance between user lock out and spam lock out. The difference between usability and security being not such a nice and easy place to find you've all done pretty well. One of the forums I was helping was getting 30 to 40 porn spams a day. We implemented all of the protection measures and stopped it dead. Then the forum owner got sad because his unique user numbers plummeted. He removed all of the protections and the forum content can be found between pictures that suggest gymnastics only possible in science fiction and promotion opportunities that can't and shouldn't be believed.