What is comment spam? It’s a long and not very interesting story, but if you suffer from it you may gain some small comfort from knowing why it happens. Or at least some of it, cos there’s a new type I’ve just started receiving, which mystifies me too at the moment. But on with the knowns:
I’ve been getting a lot of comments submitted to my blog with some rambling text and a link to a certain texas poker site. The rambling text is not designed to draw me to click on the site, it’s more subtle than that. The rambling text performs two functions: (1) it makes it less obvious to me that the post is just posted by an automated script rather than a person, and (2) makes it look less like a meaningless link to Google.
A top spot on Google’s search results is a very valuable advertising commodity, so naturally, uh, ‘enterprising’ businesspersons will seek, uh, ‘creative’ ways to get up on the top spot. They might be ‘enterprising’ and ‘creative’ but these folk are not stupid. They study how google rates and sorts its results. A major factor Google uses is weighting a page by the number of other pages that link to it.
The submitter of these comments is hoping that you’ve not got moderation turned on, and that you just leave the comments lying around on the web. That way, when google’s indexer wanders past your site, it counts - oo look, 157 contributors to this site all refered to such-a-site, I guess that makes it a pretty authoritative site on whatever subject it’s on then.
By turning on moderation it’s easy enough to stop the spammer (a) mussing up your comments and (b) profiting from (a). It’s less easy to delete all the offending submissions from your moderation panel in wordpress.
How to stop these spams getting in there in the first place? Bro has suggested a simple obstacle that will currently stop automated scripts from posting spam. It’s a secret mechanism protection which works for now but can’t be published, since then it won’t be a secret! (Secret mechanism protection is regarded as bad cryptography: good cryptography uses a publicly-known technique and a secret key. Of course Bro knows all this, but while it’s not publicly known, it works, and we’re not hiding the crown jewels here!)
The mysterious spams I’m now getting are simply compliments on my Spitfire blog. They are mysterious because they are just short complementary comments like “Great site! Thanks!” or “I like what you have done especially with the layout and design” and NO HYPERLINKS. This is a bit of a mystery to me. Any ideas?
6 comments so far...
I get loads of those too, it is a bit strange
I implemented a mechanism similar to Stu’s and it worked for a bit but then the spam started coming again. I can only presume the spambots parsed my form (though mine doesn’t change like his does. I’ll try that next).
I then implemented kitten’s spaminator (google it). With a bit of tweaking this can be made to catch pretty much all spam (it hasn’t missed one yet) with virtually no false positives (none since I last tweaked it a couple of weeks ago).
You might want to remove the Email field from the form, too, then any comment with an email address can be flagged as definitely spam (though of course there’s a cookie issue to consider).
My best guess apropos the spitfire comments is that they’re supposed to leave a link in the URL field, but either you haven’t got one or the person who wrote the bot screwed up.
Gross stupidity?
Me too.
Oh, and buy your telephone network services from me.
grrrrr bastards
I get the same weird comments. I would agree with Mongers about the linkless spambots being ‘faulty’ somehow, but I’m no expert.
leave a reply
You must be logged in to post a comment.