WordPress.org

Ready to get started?Download WordPress

Forums

Blog get spammed!!?! how to stop it? (47 posts)

  1. Anonymous
    Unregistered
    Posted 9 years ago #

    I couldn't believe my eyes when I checked my mail today. I had 32 new mails informing about new comments at my blog (I have to approve them first before those get published). When I checked the mails and comments they were all from the same "person" and the comments make no sense (e.g. "sometimes a cigar is just a cigar" ) so I guess this is a new way of spamming. All were from "free texas holdem" with the e-mail addie: sunny@moonlightshadow.us (which doesn't exist) and url: http://www.I'm _a_stupid spammer.com and this "person" or what ever the heck this is has commented on every entry I've ever made in my blog. This is just annoying!! Every comment had a different IP (which I'm not sure are the IP's for real or stolen so I'm afraid to block them if those belong to my friends) has anyone had the same problem? I remember someone posted some time ago about blog spamming.. but what can I do if this goes on? Even right now my outlook is receiving new messages but oh no it's a different url and e-mail this time! Author : free online poker (IP: 61.66.230.42 , 61.66.230.42) E-mail : lilo@suddenenlightenment.us URL:http://www.I'm _another_stupid spammer.com. what can I do? Is there any way to stop this? :(
    [Moderated: Spammers url's removed]

  2. Anonymous
    Unregistered
    Posted 9 years ago #

    Only 32? I've heard of some blogs getting hundreds, so consider youself lucky! :)
    http://mookitty.co.uk/devblog/ is a place to find some very effective spam tools for helping with this. You can't stop the spam, but you can make it easier to delete, and at the same time you can flag common spam words for future comments. The tools log email address and IPs as well, so anything in the future from those sources can automatically be flagged.
    The 100% way to prevent spam is to not have a blog on the internet.

  3. Anonymous
    Unregistered
    Posted 9 years ago #

    Grrr... thanks for the url. I so HATE SPAMMING! This way the whole internet is gonna collapse sooner or later. People are so stupid when they spam >_<

  4. Anonymous
    Unregistered
    Posted 9 years ago #

    We had the same problem. I just upgraded to the new BlackList 2.6.1 and it seems to be working so far. It was a pretty quick install. Best of Luck.

  5. Anonymous
    Unregistered
    Posted 9 years ago #

    http://sm.farook.org/files/WPBlacklist261.zip
    This is the newest Blacklist that just came out today. Seems to work for me, I have already caught 10 spam attempts by the poker freak.

  6. wellard1981
    Member
    Posted 9 years ago #

    Only one way to combat spam! Have people register on your blog with a valid e-mail address to comment.
    I've done a bit of code hacking, so when a user registers, it sends them a password instead of them defining one, which should garuntee a legitimate comments to appear. If the user provides a fake or invalid e-mail address, they wont be able to login.
    Since implenting this, I've not had ANY comment spam.
    I'm cleaning up my wp-comments.php and wp-register.php code, and they will be listed on my WP hacks page soon.
    http://www.wellardsworld.com/content/wphacks

  7. NuclearMoose
    Member
    Posted 9 years ago #

    Wellard1981,
    I think that is one of many solutions, but certainly not everybody who wants to comment wants to also register, so depending on the site, you may miss out on a lot of legitimate comments. Also, what happens if a spammer writes code to request a password for 2000 hijacked, but legitimate email addresses? I'm not a coder, so I'm just asking this out of curiosity.
    I think what is important is that this is yet another tool in the toolbox, and it will be very effective on a specific kind of site. I for one would not bother to register to make a comment on a site. It's another password to manage, and I need to keep things really simple for my moose brain.

  8. JakeMoney
    Member
    Posted 9 years ago #

    How do I require people to register with a valid e-mail before they can comment? I've looked all over and I can't find that option.

  9. wellard1981
    Member
    Posted 9 years ago #

    @NuclearMoose: Agreed, however the amount of spam that my site was getting was beyond control, I had to come up with something.
    Obviously if somebody wrote some code to send passwords to valid e-mail addresses, then my code would need to be changed, one idea could be to generate a random graphic with letters/numbers and a routine to verify that the user has entered the correct code.
    But IMO, somebody writing code to get around one site would be a complete and total waste of time.

  10. starling
    Member
    Posted 9 years ago #

    I'm facing the very same problem. I'll try to implement the 'auth image' hack, but before that I'll try to block any comment. The problem is: I have to edit every post to uncheck the 'Allow Comments' option. :/

  11. WebSlog
    Member
    Posted 9 years ago #

    Try Kitten's SpamWords plug in.

  12. NuclearMoose
    Member
    Posted 9 years ago #

    JakeMoney,
    That is not in the default installation of WP. It is either a plugin or a hack.

  13. Root
    Member
    Posted 9 years ago #

    Sometimes a cigar is just a cigar ? Was not that the Marx brothers. ?

  14. m327
    Member
    Posted 9 years ago #

    Sometimes a cigar is just a cigar ? Was not that the Marx brothers?
    Freud.

  15. Anonymous
    Unregistered
    Posted 9 years ago #

    I have also been hit by the poker dude today. Nothing he writes seems to be too disturbing. Weird yes, dirty or disturbing, no. Think I'll leave the comments be. This may just be a coincidence but since poker dude came by, when I check my stats on cpanel, I have had almost 200 visitors from about 50 different countries. No clear indication of what is bringing them to my site?? Is there a connection?

  16. Beel
    Member
    Posted 9 years ago #

    'tis peeps that leave the comments up that make spamming worthwhile ;)

  17. lizzamay
    Member
    Posted 9 years ago #

    I've gotten almost 3300 spams since yesterday. The Blacklist program I installed (the one at weblogtoolsconnection or something to that effect) keeps the comments from being posted, but instead they go to the moderation list, and I STILL get emails for them, even though I turned off comment emails. This is so aggravating -- 3300 emails! In one day! What to do???

  18. Fahim
    Member
    Posted 9 years ago #

    WPBlacklist does allow you to auto-delete the spam identified as comments - you just have to turn on the correct options ... at least, if you are using the current version 2.6.x. As for receiving the e-mail about the spam even when you have comment e-mails turned off, do you have the moderation notification turned off as well? Otherwise, it might be the moderation notification you're receiving instead of the comment notification.

  19. Gankaku
    Member
    Posted 9 years ago #

    I'm here because I have this same problem. A spammer's stuck two comments in all of my posts. I'm hoping I can find some decent method without resorting to registration, which I'm setting now so that I don't have to do so much cleanup later.

  20. Laughinglizard
    Member
    Posted 9 years ago #

    Podz (or another mod) please remove the link to the spam site at the top of this thread. They are getting all the publicity/pagerank they ever wanted from their spam! Thanks.

  21. Beel
    Member
    Posted 9 years ago #

    I made the same suggestion (hint) on the other thread...
    http://wordpress.org/support/3/15067

  22. Anonymous
    Unregistered
    Posted 9 years ago #

    Put this code in wp-comments-post.php directly under the "require( dirname(__FILE__) . '/wp-config.php' );" line:

    // * CUSTOM COMMENT BLOCK!
    $blocklist = file('blocklist.txt');
    foreach ($blocklist as $blockurl) {
    $blockurl = trim($blockurl);
    if (strpos(strtolower($_POST['url']), $blockurl) !== false)
    die( __('Sorry, please login') );
    if (strpos(strtolower($_POST['comment']), $blockurl) !== false)
    die( __('Sorry, please login') );
    if (strpos(strtolower($_POST['email']), $blockurl) !== false)
    die( __('Sorry, please login') );
    }
    // CUSTOM COMMENT BLOCK! *

    Create a textfile in the same directory called 'blocklist.txt'. Then put a list with all the keywords you want to block in blocklist.txt. (Each one on a new line) Like:
    online-casino-special
    casinogamesvegas
    free-online-poker-a
    1-poker-games
    1-texas-holdem-poker
    lilo@suddenenlightenment.us
    Works for me. Usage at own risk. ;)

  23. Anonymous
    Unregistered
    Posted 9 years ago #

    In the past two days I've had about 500. Finally, today I turned off the comments option for every post except the most recent two. For those, everything goes to moderation. I'm not happy, however, that WP provides a list of words that you wouldn't want to post comments and puts them into moderation instead of automatically deleting them. Trust me, this online poker freak isn't someone who I want to post at all. If I put them in this list, why would I want to check them out before deleting them. Why can't wp automatically delete posts using the key word list?

  24. charle97
    Member
    Posted 9 years ago #

    there's a plugin for that. try mookitty's comment killer plugin.

  25. Beel
    Member
    Posted 9 years ago #

    Anonymous: It is short sighted to automatically delete posts which contain one or more key words as the posts themselves may not be objectionable. If that were the case, 6 posts here with the word "poker" in them, including yours, would have been deleted. The only post here I would consider objectionable is "your" first post which accomplishes what the spammer is after - a published link to the site.

  26. Anonymous
    Unregistered
    Posted 9 years ago #

    Brian, is that how they are able to post spam to posts that don't even exist? I got some today on "post #2", which doesn't even exist.

  27. Anonymous
    Unregistered
    Posted 9 years ago #

    I found once I implemented the spambot trap I found on webmaster's world, and instituted a locked down policy: No public referral logs, all comments moderated, no displayed email address I have had barely any spam at all.

  28. BrianMertens
    Member
    Posted 9 years ago #

    Anon #1: I have read on another thread that poker guy's script just iterates through numbers to 'guess' article ids - the inference being that the bot is not bothering to read your blog to find article ids.
    Anon #2: You may have solved the problem of spam comments appearing on your site, but by moderating comments, you still have to read each of the spambot's attempted comments in your inbox. That's what I'd like to avoid.

  29. Fahim
    Member
    Posted 9 years ago #

    Brian: Install WPBlacklist 2.61 - it allows you to specify which type of comments that get on the moderation queue should be automatically deleted - just those matching the comment author's IP or e-mail or site URL or those match anything in the comment body. Heck, you can even tell the plugin to delete comments put into moderation by an external source - like the WP core for having more than a specific number of links in the comment body. You can get the plugin from http://sm.farook.org/files/WPBlacklist261.zip

  30. Anonymous
    Unregistered
    Posted 9 years ago #

    There's a very simple and apparently quite effective alternative to blacklists that I cooked up. Simply do this:
    - rename wp-comments-post.php to something else (my-comments-post.php for example)
    - change wp-comments.php to call that instead of wp-comments-post.php
    Voila. No more spam, at least not until the spambots become more intelligent. Currently they just seem to call the default WP comment-posting script.
    Petri Wessman

Topic Closed

This topic has been closed to new replies.

About this Topic

Tags

No tags yet.