Are BlogCFC users getting spammed?

Posted At : September 17, 2007 2:40 AM | Posted By : Mark Drew
Related Categories: spam

I have noticed recently that a number of blogs seem to be getting spammed.

Now, why is this different from normal? Well, it seems to me that this spam is *human* spam, rather than bots or anything. They seem to be getting past the captcha on blog comments. The volume is fairly low for a bot, but it's constant.

I just wondered if it was just because most of the blogs that I read are running blogCFC, there are human spammers, or there is some way round the captcha?

Just so you know, I have started moderating comments for this reason, don't worry, I shall be checking my email to make sure that the right comments are displayed.

Oh, and most of the IPs seem to be from China. Whatever gets you through the day guys, your spam posts won't appear here.

Comments (Comment Moderation is enabled. Your comment will not appear until approved.)
johnb's Gravatar I get about one a day...mostly rubbish about nice site and a pile of links....
# Posted By johnb | 9/17/07 3:05 AM
Ben's Gravatar This has been going on for years, with the cheap labor markets, spammers are resorting to manual spamming by groups based in China and India to advertise on Forums, Blogs, Social Networking Sites, etc.

So I really doubt it's a vulnerability in BlogCFC.
# Posted By Ben | 9/17/07 3:12 AM
Michael Dinowitz's Gravatar I have a perfect anti-bot-spam setup on my blogcfc install and I've gotten a spam or two in the last few weeks. Either it was a human or it was a bot that remembered its 'state' from page to page. I assume the latter.

As for a way around captcha, I don't use it but looking at the captcha I see below, it should not be that hard for someone to code an OCR program to crack it. I'm looking at a captcha of 4 letters, 3 fonts and very little skewing of the letters. Not very effective.
# Posted By Michael Dinowitz | 9/17/07 3:41 AM
Mark Drew's Gravatar @johnb: That is what I get, but I get a couple a day, enough to be annoying.
@Ben: It isn't a surprise to get them, it's just that it seems to be targeting CF blogs (hence I am spotting it now) and hence I am not sure what to do... I shall see if I can increase the captcha settings, and apologies for that!
@Michael: I think they are human, some of the quotes seem to make sense (rather than copy and paste) and then the links (which have no pattern). I shall see if I can increase the settings for my comments.
# Posted By Mark Drew | 9/17/07 4:21 AM
Phil Duba's Gravatar I have gotten about one every few days. I have just started adding the IPs to the blocked list and go from there.
# Posted By Phil Duba | 9/17/07 7:16 AM
Brian Rinaldi's Gravatar I have fairly regular spammers who seem to be human. Recently though I had a day when I got upwards of 50+ spams in a day all seemingly human...unfortunately I had to up my CAPTCHA settings after that day, and while it hasn't eliminated the spam, nothing that bad has happened since.
# Posted By Brian Rinaldi | 9/17/07 8:34 AM
Mark Drew's Gravatar I think captcha has worked its magic, the problem being, that the spammers have just gone lo-fi on us.

As long as we all moderate, that should deal with it one would hope?
# Posted By Mark Drew | 9/17/07 8:41 AM
Raymond Camden's Gravatar @MD: I disagree. Captcha has worked just fine for me - even the "easy" state like Mark Drew has here. Yes, it could be OCRed but it hasn't happened yet. It is definitely humans. MD - I've seen a slight increase. I used to get close to no spam. I'm now getting about 1 per week, which is -very- manageable for me. :)
# Posted By Raymond Camden | 9/17/07 9:21 AM
Mike Henke's Gravatar Anyone using Akismet for Coldfusion and still getting spam? There is a cfakismet which is very easy to setup.
http://tinyurl.com/35xv4j
# Posted By Mike Henke | 9/17/07 9:32 AM
Mike Henke's Gravatar Not sure if my comment was posted. The process seemed to hang. I was wondering if anyone experiencing the spam is using Akismet? There is cfakismet from Google Code which is easy to set up and use. http://tinyurl.com/35xv4j
# Posted By Mike Henke | 9/17/07 9:38 AM
Ciqala's Gravatar one of the main reasons they could have started targeting CF sites is they stumbled upon that site that lists all the CF powered sites in one place. i'm sure they trawl the web for the self same type of sites.

unfortunately the only real way i think to battle spam once you get to a certain size is to implement slashdot/digg style ratings for content and allow users to police it themselves.

if you've never seen slashdot's method for handling large-volume spammers, trolls etc it makes for interesting reading...

http://yro.slashdot.org/faq/com-mod.shtml

obviously smaller sites wouldn't ever need that much functionality and it'd be a bit like trying to smash a walnut with a sledge hammer but it highlights just how big of an issue this can be to people who are responsible for building social based websites.
# Posted By Ciqala | 9/17/07 9:44 AM
Mark Drew's Gravatar @Ciqala: The problem is that my site is fairly low traffic, so the problem would be that the spammers could have their crap up on my site for a while until it got moderated. Then again, I know you guys, I trust you guys! I think I would only moderate stuff from *NEW* people... what do people think about that?

@Ray: go implement please;) (in your own time)

Actually, I am doing some design changes to my blog, it might be part of that...
# Posted By Mark Drew | 9/17/07 9:48 AM
Mark Drew's Gravatar @Ciqala: I presume this means that your internet is back on then Ciq? BACK TO WORK!
# Posted By Mark Drew | 9/17/07 9:49 AM
Rob Brooks-Bilson's Gravatar I was getting about 4-5 spams a day on my etch blog using the basic 3 character captcha like Mark has. Most of it was for gold farmers. I upped my captcha to more characters, and the spam has now died down to ~1 per week.
# Posted By Rob Brooks-Bilson | 9/17/07 10:00 AM
Mark Drew's Gravatar Let's see if with a longer string, people will be less into adding crap to my blog!

And apologies to *normal* commenters...
# Posted By Mark Drew | 9/17/07 10:22 AM
Ciqala's Gravatar i am at work! :P

with the slashdot stuff i was referring more to the problem in general, showing that stuff like captcha works to a point but when you become a big enough target due to your site traffic/ exposure you really need to take the moderation out of the hands of the site admin (unless you can afford a team to moderate it in which case fill your boots ;) ) and rely on your users having a strong sense of community and the will to see threats such as this minimised.

as i said for blogs typically this is overkill but you could always do something that sat mid-way between the two.

i saw this site a while back which has some nice simple (hah!) maths questions in lieu of a captcha...

http://random.irb.hr/signup.php

i think there is a lot to be said to this kind of approach (i.e. targeting the security to the target audience rather than *any* human with net access).
# Posted By Ciqala | 9/17/07 10:25 AM
Adrian J. Moreno's Gravatar I've had a couple of spam comments, but they've really latched onto the "Send" on one particular post. Since BlogCFC CC's the author on send.cfm, I get 7-10 of those a week.
# Posted By Adrian J. Moreno | 9/17/07 12:09 PM
Raymond Camden's Gravatar @Adrian: If you use CAPTCHA in blogcfc, then CAPTCHA is enabled for the Send feature. If you don't want CAPTCHA for comments but do want it for Send, you could modify the code easily enough.
# Posted By Raymond Camden | 9/17/07 12:29 PM
Mark Drew's Gravatar I had a thought this morning when I was talking to Ciqala: Instead of using captcha, I should just look for web addresses in the body of the post, something with http:// or www.

If any posts are sent with that, I am thinking that they would need to be moderated.

What do you guys think of this idea, or maybe having a set of rules, so that if it has a url it gets moderated, if I delete that post, the url gets put in a blacklist, so then next time the idjits post spam, if it has a url and that url (or domain) is in the blacklist, then it automatically rejects the post completely. and shows them a nice picture of tubgirl ... or something
# Posted By Mark Drew | 9/20/07 7:32 AM
johnb's Gravatar i had exactly the same thought! At the moment either the enter comments has to be moderated for an entry, the ability to auto moderate for links would be neat.
# Posted By johnb | 9/20/07 7:47 AM
Raymond Camden's Gravatar Interesting idea. Mark - be sure to bring this up again during 6.0 development.
# Posted By Raymond Camden | 9/20/07 9:20 AM
Mark Drew's Gravatar @Ray: When is 6.0 dev starting? ... so that I can remind you :)

MD
# Posted By Mark Drew | 9/21/07 12:00 PM
Raymond Camden's Gravatar It will begin when....

1) I wrap Galleon 2 (few days away)
2) I wrap BlogCFC 5.9
3) I do minor updates for LHP, Soundings, Harlan, and the others
4) MAX is done.
5) Peace arrives in the Middle East
6) Pigs Fly
7) Paris Hilton graduates.... anything
8) I get slim.
# Posted By Raymond Camden | 9/21/07 1:13 PM
Mark Drew's Gravatar Another idea I had about comment spam, is to check whether the comment is the same as a previous comment. Since some spammers just put "Interesting Post" with the URL in the contact details (even though it has a "no-follow").
# Posted By Mark Drew | 10/3/07 2:36 AM
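
The two rules proposed in this thread (hold any comment containing a link for moderation and reject links to domains from previously deleted comments, plus flag bodies that repeat an earlier comment) can be sketched as below. This is an added example in Python, not BlogCFC code or anything posted by the commenters; the `CommentFilter` class, its method names, the `website` parameter for the contact-details URL, and the choice to send duplicates to moderation are all assumptions.

```python
import re
from urllib.parse import urlparse

# The two link forms named in the thread: "http://" (https too) and "www."
URL_RE = re.compile(r"\b(?:https?://|www\.)[^\s<>\"']+", re.IGNORECASE)

def domains_in(text):
    """Return the set of lower-cased host names linked from text."""
    hosts = set()
    for raw in URL_RE.findall(text or ""):
        raw = raw.rstrip(".,;:!?)")          # drop sentence punctuation
        try:
            host = urlparse(raw if "://" in raw else "http://" + raw).hostname or ""
        except ValueError:                   # malformed authority, e.g. unclosed "["
            continue
        host = host.lower().rstrip(".")
        if host.startswith("www."):
            host = host[4:]
        if host:
            hosts.add(host)
    return hosts

def normalise(text):
    """Strip case, punctuation and extra spaces so repeated bodies compare equal."""
    return " ".join(re.sub(r"[^a-z0-9\s]", "", text.lower()).split())

class CommentFilter:
    def __init__(self):
        self.blacklist = set()  # domains taken from comments the moderator deleted
        self.seen = set()       # normalised bodies of every comment received

    def classify(self, body, website=""):
        """Return 'reject', 'moderate' or 'publish' for a new comment."""
        key = normalise(body)
        duplicate = key in self.seen
        self.seen.add(key)
        if (domains_in(body) | domains_in(website)) & self.blacklist:
            return "reject"                  # known spam domain: drop outright
        if domains_in(body) or duplicate:
            return "moderate"                # link in body or repeated text
        return "publish"

    def moderator_deleted(self, body, website=""):
        """Deleting a comment as spam blacklists every domain it linked to."""
        self.blacklist |= domains_in(body) | domains_in(website)
```

Matching is on the exact host name, so a spammer who rotates subdomains or domains lands in the moderation queue again rather than being rejected.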
seo services's Gravatar unfortunately the only real way i think to battle spam once you get to a certain size is to implement slashdot/digg style ratings for content and allow users to police it themselves.
# Posted By seo services | 3/20/08 11:19 PM
Matt's Gravatar Captcha os est protect..
# Posted By Matt | 3/23/08 12:58 PM
online shopping's Gravatar Well, this is a thing that many people debate and the answer may yet be as unclear. For example, would you consider my comment as spam? There shouldn't be any reason for doing so. Why? Well, firstly, I'm posting something relevant to your site and post. I'm not posting “You have such nice site, alwys good fr information.” I'm posting something sensible that contributes towards the discussion. Secondly, I'm not posting a web link in my actual post (or, a number of weblinks!) In my opinion, there is absolutely nothing wrong with my comment at all. But it would be interesting to hear your opinion on that.
# Posted By online shopping | 7/11/08 11:19 AM