Fighting Comment Spam

Posted by Christopher Smith Mon, 20 Nov 2006 22:08:00 GMT

I’m not sure what makes me special, but for whatever reason, I’ve been the subject of a substantial bit of comment spam of late. I’m not sure entirely what I’ve done to deserve this, but it’s given me a quick overview of what does and doesn’t work with regards to fighting comment spam.

First of all, Typo filtering just doesn’t seem to work how I’d expect it to. It may all be user error, as I haven’t looked at the code for it. I’ll look at it more closely in the near future, but for now impression is that it doesn’t work the way it needs to to be effective.

The Akismet support for Typo also seems to be lacking. Enabling it mostly seemed to result in me getting timeouts. I went to look at the Typo site to see how other people were tackling this and discovered… the site was temporarily down. Nice that.

What blows me away is that Typo’s “bulk operations” is still tied to the same synchronous “wait for it to complete or we’ll time out” interface as everything else. What’s clearly called for here is some primitive queuing up of bulk tasks. I’m still learning Rails, but my bet is Rails doesn’t have an easy way to do such a thing (although it seems like it’d be easy to do in Ruby).

Ultimately, I ended up going with the tried and true approach: just blocking port 80 access to IP’s and subnets that were clearly running comment bots. Not an ideal solution if you have a broad audience, but given that I probably have a typical audience of a handful of people, the odds of me accidentally knocking off someone who’d actually read my blog are slim to none. Since I started firewalling off people’s IP’s, the torrent of comment spam that I normally see has diminished to a perfectly manageable level.

So keep that in mind: firewalls are your best frend when it comes to blocking comment spam.

Observations in the first 10 minutes 2

Posted by Christopher Smith Wed, 06 Sep 2006 03:28:00 GMT

So, my first observation is that Google’s AdSense crawler appears to not be getting the joke. So far it has selected ads with titles like “Get Paid To Create Hubs” and “Blog Advertising”.

I guess the ad selection isn’t entirely stupid, as I can only imagine how many first time bloggers expect to make millions out of the public’s intense interest in their thoughts (because in blog world, unlike reality, everyone is interesting).

The other observations I have are:

  • I’m a total novice at this blog thing
  • Blogs appear to have evolved in to something way more complicated than actually makes sense to me
  • I am definitely going to be using Postgres going forward (SQLite is different enough to be annoying without providing any benefits that I can determine)
  • Typo is currently set up to do far too much logging
  • Ruby gems brings back frightening memories of CPAN
  • Given how often I’ve heard Rails folks rail against the many frameworks of Java, it’s amusing to see just how many such frameworks are used by Rails
  • Despite all of it’s other features, it’s not immediately obvious how to add spelling and grammar checking to Typo. You’d think this would be a priority (well, maybe only if your spelling and grammar is as bad as mine).