Welcome to Geeklog, Anonymous Thursday, February 06 2025 @ 04:56 am EST
Geeklog Forums
Crushed by comment spam
Nathan Burke
Anonymous
I'm using Geeklog 1.4.0sr5-1 and have just moved from an internal server to a remote web host. And literally minutes after the DNS changed, I started getting slammed by comment spam. We're talking about dozens a minute.
I wrote a script that does a nice job at cleaning out the comment spam, but I'm thinking of another approach: stopping the spam before it is entered into the database. I've noticed some patterns, and was wondering a) if there is existing functionality that I'm just not aware of in geeklog to take care of this or b) if you could point me in the right direction as to where (which files, etc) I could implement the following.
1. The comment spam is coming from many different IP addresses. I don't know if this is due to spoofing, or if it's due to zombie machines. So IP address is not a sufficient variable to check against when deciding whether to allow the comment.
2. Title- The most glaring thing I keep seeing is that the title of the comment is different from the post. When the title of the comment is different, it's spam 99% of the time. And a lot of the time, the title of the comment is "Nice!"
Is there a way to create a blacklist of comment titles? I can be pretty sure that if the title of the comment is "Nice!", it's a spammer. So, if I could check the title of the comment against a spam title blacklist before entering it into the database, I'm sure this would eliminate a LOT of the spam.
3. Moderated comments- Is there a way to set geeklog to place a comment in a moderation queue? For instance, if a comment has more than 2 links, could I place it in moderation?
I want to thank you in advance for reading my post, and any suggestions or comments would be greatly appreciated.
Thank You!
I wrote a script that does a nice job at cleaning out the comment spam, but I'm thinking of another approach: stopping the spam before it is entered into the database. I've noticed some patterns, and was wondering a) if there is existing functionality that I'm just not aware of in geeklog to take care of this or b) if you could point me in the right direction as to where (which files, etc) I could implement the following.
1. The comment spam is coming from many different IP addresses. I don't know if this is due to spoofing, or if it's due to zombie machines. So IP address is not a sufficient variable to check against when deciding whether to allow the comment.
2. Title- The most glaring thing I keep seeing is that the title of the comment is different from the post. When the title of the comment is different, it's spam 99% of the time. And a lot of the time, the title of the comment is "Nice!"
Is there a way to create a blacklist of comment titles? I can be pretty sure that if the title of the comment is "Nice!", it's a spammer. So, if I could check the title of the comment against a spam title blacklist before entering it into the database, I'm sure this would eliminate a LOT of the spam.
3. Moderated comments- Is there a way to set geeklog to place a comment in a moderation queue? For instance, if a comment has more than 2 links, could I place it in moderation?
I want to thank you in advance for reading my post, and any suggestions or comments would be greatly appreciated.
Thank You!
11
10
Quote
Status: offline
jmucchiello
Forum User
Full Member
Registered: 08/29/05
Posts: 985
Activate your Spam-X plugin.
15
10
Quote
Nathan Burke
Anonymous
I've got spamx activated.
5
8
Quote
Status: offline
Dirk
Site Admin
Admin
Registered: 01/12/02
Posts: 13073
Location:Stuttgart, Germany
Disable comments for anonymous users. And if you've done that already, use GL-Captcha to stop the spambots from signing up. Install SLV. Read Dealing with Spam (on the wiki).
bye, Dirk
bye, Dirk
5
6
Quote
RebeccaMI
Anonymous
Quote by beewee: Try the Captcha plugin, that should handle it.
Where could I find that plugin so I could download it and install it?
5
5
Quote
Status: offline
Laugh
Site Admin
Admin
Registered: 09/27/05
Posts: 1472
Location:Canada
Captcha is not a plugin is is a hack that currently works for creation of new users.
http://www.geeklog.net/filemgmt/index.php?id=754
It would be nice to include this in the next version of geeklog with the ability for plugins to access it as well.
One of the Geeklog Core Developers.
http://www.geeklog.net/filemgmt/index.php?id=754
It would be nice to include this in the next version of geeklog with the ability for plugins to access it as well.
One of the Geeklog Core Developers.
4
6
Quote
All times are EST. The time is now 04:56 am.
- Normal Topic
- Sticky Topic
- Locked Topic
- New Post
- Sticky Topic W/ New Post
- Locked Topic W/ New Post
- View Anonymous Posts
- Able to post
- Filtered HTML Allowed
- Censored Content