06.28.04
Welcome Back Comments
On Saturday, I happened to be checking my e-mail at the perfect time. While perusing my inbox, I suddenly received a flood of new comments on my blog (I send notification to my e-mail when comments are added to my blog). I knew something was wrong when I checked the content of these comments and wanted to kvetch into the nearest trash can.
I had hoped I could leave my blog open to the world to comment freely. Sadly, someone decided to take advantage of my openness, forcing me to completely shut down the ability to leave comments here.
Hopefully I can win this war. I’ve just installed MT-Blacklist in the hopes that it can keep my blog clean and free of this trash, while still allowing you, oh faithful reader, the ability to leave comments. We’ll see how it goes. In the meantime, I’d appreciate your insights into this problem and how you might have solved it on your blog. Leave a comment and let me know what’s worked for you.
Jeremy C. Wright said,
June 28, 2004 at 10:52 am
Jeff,
Please feel free to use my blacklist: www.ensight.org/blacklist.txt
It blocks the vast majority of the spam attempts I get every day (roughly 300-400).
Jeff said,
June 28, 2004 at 11:03 am
Jer,
I had to expect that I’d become a target at some point, but I was shocked at the overwhelming outpouring of comment spam directed at my site. Thanks for the link to your blacklist. I added your entries and will see how well it works.
jOn said,
June 29, 2004 at 10:10 am
If you haven’t already, you might try limiting to one comment per IP address, in a given amount of time (e.g. once a day, once every 12 hours).
This keeps scripts from executing on your sight a multitude of time from the same IP. Obviously, most spammers spoof addresses, anyhow, so this idea might not be very robust, but it is still a good, basic precautionary measure.
Jay Allen said,
June 29, 2004 at 7:51 pm
IP banning is useless: http://www.jayallen.org/comment_spam/2004/05/mtb_20_and_ip_banning
Also, do make sure to keep your list updated to the master blacklist. There are several updater programs that you can for it (see Google).
Jeremy, you’ve got a whole lot of cr-uft in your blacklist. If you want to see a highly-effective blacklist with no false positives (to my knowledge) and less than half of the number of entries you have, check out my own personal blacklist at http://www.jayallen.org/blacklist.txt.
This is different from the master blacklist, by the way, and is the one that protects my own site. It’s far more powerful because of a crafty use of regular expressions.
By the way, for some reason, you are blacklisting “c-r-u” without the dashes. Send me an email with a link to your blacklist and I’ll help you get it back in proper form. Also keep a close eye on your activity log so that you can see when you have bad entries.