He's spamming my site with comments! how do i block him?

msafi · New Poster Joined: 18 Sep 2004 Posts: 35

my website is full of spam comments now. like 15 spam comments all advertising **** products. how do i block the a$$h0le?

i'm sure this has been discussed before. but instead of getting angry with me for repeating the question, can you direct me to the discussion thread? i searched but i couldn't find it.

thanks,

EdB · /bb|[^b]{2}/ Joined: 05 Jan 2004 Posts: 7123 votes: 90

Sometimes the spammer is kind enough to include their link in the "author url" field, but often times not. Most of them write nonsense with every third or fourth word linked to a url. Often the url is a subdir of a domain, meaning "foobar.blahblah.nnn" then "nonsense.blahblah.nnn" then "garbage.blahblah.nnn". They're easily wiped. Look at the comment (click the edit link for easiest access to the full url they are linking) and say to yourself 'I think I'll just delete and ban and report blahblah.nnn'. Now go to your antispam tab and type in 'blahblah.nnn' and click on "nail this useless mofo to an inverted cross" (though that's not the exact text...). It will find the offending comment(s) and give you the chance to delete and ban and report.

Do it. Delete them and ban them and report them.

Oh and if they happened to be kind enough to include 'blahblah.nnn' in the comment author url field you'll have a ban symbol to facilitate the process. Generally speaking though you'll want to see the most efficent way to ban them, and that will be blahblah.nnn instead of any given subdomain associated with blahblah.nnn.

Personally when I get to ban one I get this really cheap thrill out of it. Like some sort of digital payback, ya know?

msafi · New Poster Joined: 18 Sep 2004 Posts: 35

Thanks EdB. Always helpful.

BTW, is there an option in b2evo to ban ip addresses?

mattbta · Seasoned Poster Joined: 20 Jun 2004 Posts: 87

I've also implemented a captcha for comments so that a random number code is displayed to the user and if they don't enter THAT number, the comment doesn't post. Since impementation - ZERO comment spam.

kiesow · Hooked :) Joined: 23 Jan 2004 Posts: 255

s7uar7 · New Poster Joined: 30 Sep 2003 Posts: 20 votes: 1

mattbta · Seasoned Poster Joined: 20 Jun 2004 Posts: 87

Yeah - I can do post it. It'll take some time to pretty it up for prime-time.

whoo · Big Sister Joined: 25 Dec 2004 Posts: 1293 votes: 19

there are a few really simple things that can deter comment spam..

1.maatba is using the same thing im using, and did use on my public b2evo site. you can grab the files here: http://www.village-idiot.org/a...revisted/. The original site is here: http://www.gudlyf.com/index.php?p=376

I did not include installation instructions.. the plugin is made for wordpress and it took quite a few file edits to get it to work

2. the other simple thing is to rename the file that is responsible for the http_post of any comments -- spammers arent actually visiting your site, they know the names of the files, they look for those, all the items are remotely submitted

3. another idea, similar to captcha but easier to do if your especially lazy, is just to require an extra field, like your name.
For instance, You have a input box .. next to the box you say
Tom's first name : _____

They have to put Tom in the box

Believe it or not, that works, as long as you check it before the (comment) form is submitted.

--

By the way, None of the above methods will prevent referer spamming, just comment spamming. my .htaccess is publically available on my site in several entries (its an ongoing problem, despite the fact that my stats arent public) to combat simple referer spamming.

I have not gotten ANY comment spam since renaming the file responsible for comment submission-- if that can be done within b2evo as easily as it can be done in worpress, thats by far the simplest way to deter them.

Cant help anymore right now, football is on Smile

-----------

a quick look at _feedback.php showed me this:

whoo · Big Sister Joined: 25 Dec 2004 Posts: 1293 votes: 19

comment_post.php is called twice as far as I can tell--, for anyone wondering how simple is is to rename that file, and all instances:

inside admin/_edit_showposts.php:

EdB · /bb|[^b]{2}/ Joined: 05 Jan 2004 Posts: 7123 votes: 90

The new file name shows up in your source code, so the 'person' who searched for a sequence of key words from the comment form area will get the new form name. They might not use it, but since it's there in a predictable and repeatable place it's an easy thing to programmically snag.

http://www.google.com/search?n...tnG=Search

showed up in my search results. I wonder if I should be celebrating my number one position?

I like the "type this word" method better. Altering the bot code to find something unpredictable is possible but extremely unlikely, so it should be okay. I'm also figuring on putting the check in the comment_form file with an errors_add so the human can go back and type Tom's name again. Just in case they thought Tom's name was Bob.

OTOH I don't get much in the way of comment spam, so why fix it? It's the new one-shot referer probes that are getting me annoyed.

whoo · Forum Admin Joined: 25 Dec 2004 Posts: 1293 votes: 19

edb, if you check my site, you will see that the renamed page I use is viewable in my source. It doesnt matter, theyre not looking at your source-- they (the spammers) already know what the name of the pages are by defualt-- that is what they are looking for.

I can show my logs, where hit after hit came in looking for the defualt comment submission page. http_posts are done remotely using scripts by spammers -- theyre not searching out source in pages, or even looking at your pages, for that matter.

reffy (search it) comes with over 3000 blog sites included for just that purpose.

as for fixing it, if you dont have a problem, why would you. My suggestion was for those that are having a problem, and are looking for a very very simple solution.

if you check my .htaccess, nearly every single url ive included within the mod rewrite code has attempted unsuccessfully to comment spam my site, and not one has succeeded. I use the mod rewrite just because I dislike the referer spam; comment spam has not been any sort of problem for me, since renaming the file.

its just one more thing that deters them, thats all. using them all works for me, and thats all I worry about in the end

EdB · /bb|[^b]{2}/ Joined: 05 Jan 2004 Posts: 7123 votes: 90

whoo · Janitor Joined: 25 Dec 2004 Posts: 1293 votes: 19

gacjezv · New Poster Joined: 08 Jan 2004 Posts: 21

Hi all

Great hack this is, as I have been getting regular spam lately in comments.

Can one of you fine gents post some simple instructions to add this function to a B2evo blog?

I am a php dummie and while can do simple stuff, I am not confident in this style of hack.

thanks a ton
gacjezv

EdB · /bb|[^b]{2}/ Joined: 05 Jan 2004 Posts: 7123 votes: 90

Whoo's "rename the file" method is covered really well. You find the two files she mentioned and change "comment_post.php" to "gabbagabbahey.php" or whatever floats your boat, then change comment_post.php to gabbagabbahey.php (or whatever previously supported your previously mentioned sailing vessel).

The "type a word" thins is a little more complex. If you want it let me know and I'll type it up when I'm thinking clearer.

	b2evolution Forum Index -> Obsolete Forum Threads	All times are GMT - 5 Hours Goto page 1, 2, 3 Next
Page 1 of 3