Well, I finally got pissed off enough about having to delete at least 15 spam comments a day to get off my duff and do something about it.
I have implemented two solutions, one that is preventative, and one that is a clean up tool for after spam is posted.
The first change I made was to rename my comments script, and then remove ALL direct links to it. I accomplished this by:
- Removing the links from my index and date-based archives, linking instead to the comments section of the individual posts.
- Obsfucating the comment script’s url in the comment posting form using javascript. Now, when a user hits the submit button, the script url is assembled and assigned by javascript. It’s a simple bit of code that should prevent most bots from posting comments.
Unfortunately, there are also spammers freaky enough to post spam manually, and there’s not really anything I can do to stop them. What I can do though, is make deleting their comments easier to save myself some clicks, and some time. To this end, I followed step 6 of this great post on preventing blog spam at Yoz Grahame’s Cheerleader blog. Now, when I receive an email notice that someone has posted a new comment to my blog, I also receive a direct link that lets me delete their comment with only 2 clicks. Based on some of the feedback on Yoz’s post, I also moved the delete link above the comment text in the email notice, to fix an issue with spammers leaving open html tags to obscure the link.
I hope this all works – it didn’t require a huge investment of time, and I expect it will save me a lot of frustration. I’ll post my results after a couple of weeks.
Please let me know if you encounter any issues with using the comments, beyond needing to have javascript enabled in order to post. Thanks.
I also got sick of people typing search terms in my subscription form at the top left, so I added a bit of javascript to validate the email before posting.
Ah! I am also following that step no. 6. It is infact a nice thing that I can delete as soon as a comment comes in my mail for notification.
The funniest part of the spam that I got today (not blog spam) is a couple of mail ID coming from my own domain, james@brajeshwar.com and spamming me.
UPDATE: so far, so good. Only 2 spams in the past 24 hours (down from almost 20 in the previous 24 hour period), and it took less than a minute to remove them.
As you are running MT, i’d suggest MT-Blacklist. It is an excellent plugin, that requires no changes to your blog templates or any of the .cgi/.pl/.pm files.
http://www.jayallen.org/projects/mt-blacklist/
Yes, this is a plague, like mail boxes spamming or guestbooks in the past.
I have started a website about blog spamming, maybe you are interested in visiting it, this is the url:
http://www.blogspam.org
good luck with your blog!
Update (in the off chance anyone hits this page again): 3 weeks without a single comment spam – not too shabby.
Thanks for the tips, comment spamming can be really annoying. I have to try some of your solutions. And I see you already have some good results with it – great 🙂
Another quick update on my blog spam levels: They’ve increased a bit – I’m up to about 4-5 spam comments a week. Compared to the 500+ similar blogs have been getting, that’s nothing, and with the email link I added, I usually clear them out within 30 minutes.