
Spammer circumventing spamwords (8 posts)

  1. g-dot
    Member
    Posted 9 years ago #

    Spammers seem to probe the weaknesses of WP more than ever.
    I rely solely on the common spam words filter that's available in WP.
    Lately I have been seeing spam which uses HTML's character entity references (the ampersand sign followed by a number, followed by a semicolon) to masquerade the spam string, like this:
    phentermine
    Anyone have a clue how to combat that?
    Simply inserting an ampersand followed by a #-symbol followed by a number into the "Comment moderation" field doesn't seem to work (i.e. insert the corresponding characters into the field).
    Also, the URIs that contain the spamwords in cleartext don't seem to be evaluated, but that may be due to my older version (1.3a2)...

  2. Mark (podz)
    Support Maven
    Posted 9 years ago #

    Which spam protection are you currently running?
    Spammers have worked around the built-in protection, hence all the good stuff listed here:

    http://www.tamba2.org.uk/wordpress/spam

  3. EvilBeAr
    Member
    Posted 9 years ago #

    Spam Karma works the best in my opinion.

  4. g-dot
    Member
    Posted 9 years ago #

    Wow, that site has grown considerably since the last time I visited. I used a few tricks from that site before (like TG's hack to prevent "future spam" and some others I cannot remember right now).
    To clarify: is there a way I can put strings like &#1 into the "Comment Moderation" field?
    Currently they are getting interpreted as characters (which I don't want).
    That would suffice (for me).

  5. 15threads
    Member
    Posted 9 years ago #

    I might be wrong, but it seems to me that spammers might have found another way to get past the spam words list/blacklist.

    Today I found a trackback spam sent by someone named "texas holdem". Initially I thought that it should have been stopped by the built-in spamwords list/blacklist plugins, but since they do not allow two words in a single blacklist entry, the closest entry was texas-holdem. Hence "texas holdem" without the dash seemed to have gotten through.

    Are we looking at a loophole here?

  6. davidchait
    Member
    Posted 9 years ago #

    Sounds like all of our anti-spam systems (mine included) need to use something to ensure we're not being passed HTML characters. Reverse encoding is built in with PHP 4.3.x I think, but otherwise you can use:

    // Map each HTML entity back to the character it stands for
    function html2specialchars($str) {
        // Flip PHP's character => entity table into entity => character
        $trans_table = array_flip(get_html_translation_table(HTML_ENTITIES));
        return strtr($str, $trans_table);
    }

    In theory, that should be safe to run on any text to then compare against spam lists, even if you then store the original text...

    -d
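
Added example (not part of the original thread and not WordPress or plugin code): a sketch of normalising comment text before comparing it against a spam word list, using PHP's html_entity_decode so that numeric character references like those in the first post are decoded as well as named ones, and folding dashes and spaces together so that "texas holdem" and "texas-holdem" from post 5 compare equal. The function names, word list and sample comments are hypothetical and constructed for illustration.

```php
<?php
// Added example: normalise text before matching it against a word list.
// Function names and all sample data below are hypothetical.

function normalize_for_matching(string $text): string
{
    // Decode named, decimal and hex references. Repeat a bounded number of
    // times so double-encoded input such as &amp;#112; is unwrapped too.
    for ($i = 0; $i < 3; $i++) {
        $decoded = html_entity_decode($text, ENT_QUOTES | ENT_HTML5, 'UTF-8');
        if ($decoded === $text) {
            break;
        }
        $text = $decoded;
    }
    $text = strtolower($text);
    // Treat dashes, underscores and runs of whitespace as one space.
    // preg_replace returns null on invalid UTF-8; fall back to the input.
    $folded = preg_replace('/[\s\-_]+/u', ' ', $text) ?? $text;
    return trim($folded);
}

function matched_spam_words(string $comment, array $words): array
{
    $haystack = normalize_for_matching($comment);
    $hits = [];
    foreach ($words as $word) {
        // Normalise list entries the same way as the comment text.
        $needle = normalize_for_matching($word);
        if ($needle !== '' && strpos($haystack, $needle) !== false) {
            $hits[] = $word;
        }
    }
    return $hits;
}

// Constructed word list and constructed sample comments.
$words = ['phentermine', 'texas-holdem'];
$samples = [
    'Buy &#112;&#104;&#101;&#110;&#116;&#101;&#114;&#109;&#105;&#110;&#101; now',
    '&amp;#x70;hentermine',
    'texas holdem',
    'A normal comment about Texas weather',
];
foreach ($samples as $sample) {
    echo json_encode(matched_spam_words($sample, $words)), "\n";
}
```

The original comment text is left untouched; only the copy used for matching is normalised, which is the approach post 6 suggests.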

  7. ayb1
    Member
    Posted 9 years ago #

    Spam Karma is too conservative. I've tried to make a comment three different times on a WP blog and Spam Karma won't let me do it. WTF?

  8. OperaManiac
    Member
    Posted 9 years ago #

    SK was quite weird for me too... had to turn it off finally.

Topic Closed

This topic has been closed to new replies.
