koldfront

Comment spammers

๐Ÿ•˜๏ธŽ - 2006-10-24

It is interesting, it seems that comment spammers cache the pages they spam - or read them from a cache, Googles perhaps? - because it has been a while since I removed the link-field from my comment-form, but would-be spammers still submit it.

I wonder if rot13'ing the input field names would be enough to throw off their harvesters.

So far I do three things that have proven quite effective (in combination): 1) The form goes to a preview-page, this stops a lot of comment-spammers, 2) Check whether the text-field has the same length when submitted first (preview) and second (save) time - apparantly the spammers that figured out to submit the second form aren't that good at interpreting the hidden fields correctly and 3) Don't allow any text that contains [[URL]] and http:// in them.

The last one sucks, obviously. But I think it is better than a CAPTCHA.

Add comment

To avoid spam many websites make you fill out a CAPTCHA, or log in via an account at a corporation such as Twitter, Facebook, Google or even Microsoft GitHub.

I have chosen to use a more old school method of spam prevention.

To post a comment here, you need to:

ยน Such as Thunderbird, Pan, slrn or Gnus (part of Emacs).