Mark Drew (Redux)- cf_etc...

a compendium of railo, cfml, cfeclipse and technology topics


Are BlogCFC users getting spammed?

September 17, 2007

I have noticed recently that a number of blogs seem to be getting spammed. Now, why is this different from normal? Well, it seems to me that this spam is *human* spam, rather than bots or anything. They seem to be getting past the captcha on blog comments. The volume is fairly low for a bot, but it's constant. I just wondered if it was just because most of the blogs that I read are running blogCFC, there are human spammers, or there is some way round the captcha? Just so you know, I have started moderating comments for this reason, don't worry, I shall be checking my email to make sure that the right comments are displayed. Oh, and most of the IPs seem to be from China. Whatever gets you through the day guys, your spam posts won't appear here.

Tags: spam

29 responses

  • 1 johnb // Sep 22, 2008 at 4:13 PM

    I get about one a day...mostly rubbish about nice site and a pile of links....
  • 2 Ben // Sep 22, 2008 at 4:13 PM

    This has been going on for years, with the cheap labor markets, spammers are resorting to manual spamming by groups based in China and India to advertise on Forums, Blogs, Social Networking Sites, etc.

    So I really doubt it's a vulnerability in BlogCFC.
  • 3 Michael Dinowitz // Sep 22, 2008 at 4:13 PM

    I have a perfect anti-bot-spam setup on my blogcfc install and I've gotten a spam or two in the last few weeks. Either it was a human or it was a bot that remembered its 'state' from page to page. I assume the latter.

    As for a way around captcha, I don't use it but looking at the captcha I see below, it should not be that hard for someone to code an OCR program to crack it. I'm looking at a captcha of 4 letters, 3 fonts and very little skewing of the letters. Not very effective.
  • 4 Mark Drew // Sep 22, 2008 at 4:13 PM

    @johnb: That is what I get, but I get a couple a day, enough to be annoying.
    @Ben: It isn't a surprise to get them, it's just that it seems to be targeting CF blogs (hence I am spotting it now) and hence I am not sure what to do... I shall see if I can increase the captcha settings, and apologies for that!
    @Michael: I think they are human, some of the quotes seem to make sense (rather than copy and paste) and then the links (which have no pattern). I shall see if I can increase the settings for my comments.
  • 5 Phil Duba // Sep 22, 2008 at 4:13 PM

    I have gotten about one every few days. I have just started adding the IPs to the blocked list and go from there.
  • 6 Brian Rinaldi // Sep 22, 2008 at 4:13 PM

    I have fairly regular spammers who seem to be human. Recently though I had a day when I got upwards of 50+ spams in a day all seemingly human...unfortunately I had to up my CAPTCHA settings after that day, and while it hasn't eliminated the spam, nothing that bad has happened since.
  • 7 Mark Drew // Sep 22, 2008 at 4:13 PM

    I think captcha has worked its magic, the problem being, that the spammers have just gone lo-fi on us.

    As long as we all moderate, that should deal with it one would hope?
  • 8 Raymond Camden // Sep 22, 2008 at 4:13 PM

    @MD: I disagree. Captcha has worked just fine for me - even the "easy" state like Mark Drew has here. Yes, it could be OCRed but it hasn't happened yet. It is definitely humans. MD - I've seen a slight increase. I used to get close to no spam. I'm now getting about 1 per week, which is -very- manageable for me. :)
  • 9 Mike Henke // Sep 22, 2008 at 4:13 PM

    Anyone using Akismet for ColdFusion and still getting spam? There is a cfakismet which is very easy to set up.
    http://tinyurl.com/35xv4j
  • 10 Mike Henke // Sep 22, 2008 at 4:13 PM

    Not sure if my comment was posted. The process seemed to hang. I was wondering if anyone experiencing the spam is using Akismet? There is cfakismet from Google Code which is easy to set up and use. http://tinyurl.com/35xv4j
  • 11 Ciqala // Sep 22, 2008 at 4:13 PM

    one of the main reasons they could have started targeting CF sites is they stumbled upon that site that lists all the CF powered sites in one place. i'm sure they trawl the web for the self same type of sites.

    unfortunately the only real way i think to battle spam once you get to a certain size is to implement slashdot/digg style ratings for content and allow users to police it themselves.

    if you've never seen slashdot's method for handling large-volume spammers, trolls etc it makes for interesting reading...

    http://yro.slashdot.org/faq/com-mod.shtml

    obviously smaller sites wouldn't ever need that much functionality and it'd be a bit like trying to smash a walnut with a sledge hammer but it highlights just how big of an issue this can be to people who are responsible for building social based websites.
  • 12 Mark Drew // Sep 22, 2008 at 4:13 PM

    @Ciqala: The problem is that my site is fairly low traffic, so the problem would be that the spammers could have their crap up on my site for a while until it got moderated. Then again, I know you guys, I trust you guys! I think I would only moderate stuff from *NEW* people... what do people think about that?

    @Ray: go implement please;) (in your own time)

    Actually, I am doing some design changes to my blog, it might be part of that...
  • 13 Mark Drew // Sep 22, 2008 at 4:13 PM

    @Ciqala: I presume this means that your internet is back on then Ciq? BACK TO WORK!
  • 14 Rob Brooks-Bilson // Sep 22, 2008 at 4:13 PM

    I was getting about 4-5 spams a day on my etch blog using the basic 3 character captcha like Mark has. Most of it was for gold farmers. I upped my captcha to more characters, and the spam has now died down to ~1 per week.
  • 15 Mark Drew // Sep 22, 2008 at 4:13 PM

    Let's see if with a longer string, people will be less into adding crap to my blog!

    And apologies to *normal* commenters...
  • 16 Ciqala // Sep 22, 2008 at 4:13 PM

    i am at work! :P

    with the slashdot stuff i was referring more to the problem in general, showing that stuff like captcha works to a point but when you become a big enough target due to your site traffic/ exposure you really need to take the moderation out of the hands of the site admin (unless you can afford a team to moderate it in which case fill your boots ;) ) and rely on your users having a strong sense of community and the will to see threats such as this minimised.

    as i said for blogs typically this is overkill but you could always do something that sat mid-way between the two.

    i saw this site a while back which has some nice simple (hah!) maths questions in lieu of a captcha...

    http://random.irb.hr/signup.php

    i think there is a lot to be said to this kind of approach (i.e. targeting the security to the target audience rather than *any* human with net access).
  • 17 Adrian J. Moreno // Sep 22, 2008 at 4:13 PM

    I've had a couple of spam comments, but they've really latched onto the "Send" on one particular post. Since BlogCFC CC's the author on send.cfm, I get 7-10 of those a week.
  • 18 Raymond Camden // Sep 22, 2008 at 4:13 PM

    @Adrian: If you use CAPTCHA in blogcfc, then CAPTCHA is enabled for the Send feature. If you don't want CAPTCHA for comments but do want it for Send, you could modify the code easily enough.
  • 19 Mark Drew // Sep 22, 2008 at 4:13 PM

    I had a thought this morning when I was talking to Ciqala: Instead of using captcha, I should just look for web addresses in the body of the post, something with http:// or www.

    If any posts are sent with that, I am thinking that they would need to be moderated.

    What do you guys think of this idea, or maybe having a set of rules, so that if it has a url it gets moderated, if I delete that post, the url gets put in a blacklist, so then next time the idjits post spam, if it has a url and that url (or domain) is in the blacklist, then it automatically rejects the post completely and shows them a nice picture of tubgirl ... or something
  • 20 johnb // Sep 22, 2008 at 4:13 PM

    i had exactly the same thought! At the moment either the enter comments has to be moderated for an entry, the ability to auto moderate for links would be neat.
  • 21 Raymond Camden // Sep 22, 2008 at 4:13 PM

    Interesting idea. Mark - be sure to bring this up again during 6.0 development.
  • 22 Mark Drew // Sep 22, 2008 at 4:13 PM

    @Ray: When is 6.0 dev starting? ... so that I can remind you :)

    MD
  • 23 Raymond Camden // Sep 22, 2008 at 4:13 PM

    It will begin when....

    1) I wrap Galleon 2 (few days away)
    2) I wrap BlogCFC 5.9
    3) I do minor updates for LHP, Soundings, Harlan, and the others
    4) MAX is done.
    5) Peace arrives in the Middle East
    6) Pigs Fly
    7) Paris Hilton graduates.... anything
    8) I get slim.
  • 24 Mark Drew // Sep 22, 2008 at 4:13 PM

    Another idea I had about comment spam, is to check whether the comment is the same as a previous comment. Since some spammers just put "Interesting Post" with the URL in the contact details (even though it has a "no-follow").
  • 25 seo services // Sep 22, 2008 at 4:14 PM

    unfortunately the only real way i think to battle spam once you get to a certain size is to implement slashdot/digg style ratings for content and allow users to police it themselves.
  • 26 online shopping // Sep 22, 2008 at 4:14 PM

    Well, this is a thing that many people debate and the answer may yet be as unclear. For example, would you consider my comment as spam? There shouldn't be any reason for doing so. Why? Well, firstly, I'm posting something relevant to your site and post. I'm not posting “You have such nice site, alwys good fr information.” I'm posting something sensible that contributes towards the discussion. Secondly, I'm not posting a web link in my actual post (or, a number of weblinks!) In my opinion, there is absolutely nothing wrong with my comment at all. But it would be interesting to hear your opinion on that.
  • 27 Mark Drew // Sep 22, 2008 at 4:14 PM

    How about the Philippines?

    @online shopping and @Oil painting art I am dubious about any posting whose name is the name of the website. I don't like it. Put your name and a link to your website, rather than just what you do. I take that as advertising.
  • 28 Martina21Clay // Jul 21, 2011 at 6:27 AM

    If you are willing to buy a house, you will have to get the <a href="http://bestfinance-blog.com/topics/business-loans">business loans</a>. Moreover, my mother usually takes a car loan, which supposes to be the most rapid.
  • 29 vdmqamye // Jul 22, 2011 at 4:17 PM

    LBv1tt <a href="http://tstjrybcfslw.com/">tstjrybcfslw</a>;, [url=http://guspkmnzrlns.com/]guspkmnzrlns[/url], [link=http://ksszbpvnmqea.com/]ksszbpvnmqea[/link], http://rruuxfdkvvap.com/
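
The rules floated in comments 19 and 24 above (hold any comment containing a link, blocklist the domains of posts the moderator deletes, reject later posts that link to those domains, and flag repeated comment bodies), sketched in Python as an added example; it is not BlogCFC code or anything the commenters wrote. The class and function names, holding duplicates for moderation rather than rejecting them, and also checking the author-URL field are assumptions, and the sample comments are constructed.

```python
import re
from urllib.parse import urlsplit

# Matches http(s):// links and bare www. hosts, the two markers named in comment 19.
URL_RE = re.compile(r"(?:https?://|www\.)[^\s<>\"'\]\[]+", re.IGNORECASE)


def domains_in(text):
    """Return the set of lower-cased hostnames linked from a piece of text."""
    hosts = set()
    for match in URL_RE.findall(text):
        match = match.rstrip(".,;:!?)")          # drop sentence punctuation
        url = match if "://" in match else "http://" + match
        host = (urlsplit(url).hostname or "").rstrip(".")
        host = host[4:] if host.startswith("www.") else host
        if host:
            hosts.add(host)
    return hosts


def normalise(text):
    """Collapse case, punctuation and whitespace so trivial edits still match."""
    return " ".join(re.sub(r"[^a-z0-9\s]", "", text.lower()).split())


class CommentTriage:  # hypothetical name, not a BlogCFC component
    def __init__(self):
        self.blocked_domains = set()  # filled when a moderator deletes a post
        self.seen_bodies = set()      # normalised bodies of earlier comments

    def classify(self, body, author_url=""):
        """Return 'reject', 'moderate' or 'publish' for a new comment."""
        hosts = domains_in(body) | domains_in(author_url)
        if any(h == b or h.endswith("." + b)
               for h in hosts for b in self.blocked_domains):
            return "reject"           # links to a domain already deleted as spam
        key = normalise(body)
        duplicate = key in self.seen_bodies
        self.seen_bodies.add(key)
        # Assumption: repeated bodies are held for review, like linked ones.
        return "moderate" if domains_in(body) or duplicate else "publish"

    def moderator_deleted(self, body, author_url=""):
        """Deleting a post as spam blocklists every domain it linked to."""
        self.blocked_domains |= domains_in(body) | domains_in(author_url)


if __name__ == "__main__":
    triage = CommentTriage()
    spam = "Nice site! http://cheap-gold.example/buy"   # constructed sample
    print(triage.classify(spam))
    triage.moderator_deleted(spam)
    print(triage.classify("more at www.cheap-gold.example"))
```

Matching on the registered domain and its subdomains, rather than the exact URL, is what stops a deleted spammer from returning with a new path on the same host.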