The War of Becky's Guestbook
Ages ago I set up a little guestbook on my site. It was one of the last bits I wrote myself. Before that it was hosted by Bravenet, and very naff.
When I wrote it I thought that it would be too small a concern for anyone to bother to spam, but I was quickly proved wrong. Within days it had got it's first spam message, and quickly started to fill up with them.
So I put a little CAPTCHA in. Nothing complicated, I basically stole Miss K's idea for a non-programmatic static GIF that's not machine readable.
That worked for a few days, then the spam started again. I guessed that spammers had programmed customised settings for sites like mine. It was a little scary, to be honest. Up until then I'd assumed that the spams were from automated spiders who just recognised likely comment forms and filled them in; but this showed that there was at least some human element and I was being targeted for spam.
I gave up for a while and ignored the flood of guestbook spam.
Then last week I had a brainwave: Blogger has a built-in CAPTCHA system for comments, why not use that? I set up a new blog on Blogger, and lobotomised my custom template to make it work purely as a guestbook. It worked quite well.
For about a day. I've already had at least 3 spams.
Which is really disturbing. It means that either the spammers have got to a level where Blogger's CAPTCHA is no longer a hurdle, or there's at least one human out there being paid (I guess) to spam sites like mine manually.
What do you think is going on?
By the way, my guestbook is now CAPTCHA-protected and moderated, so no more spam. Just hassle for me.
When I wrote it I thought that it would be too small a concern for anyone to bother to spam, but I was quickly proved wrong. Within days it had got it's first spam message, and quickly started to fill up with them.
So I put a little CAPTCHA in. Nothing complicated, I basically stole Miss K's idea for a non-programmatic static GIF that's not machine readable.
That worked for a few days, then the spam started again. I guessed that spammers had programmed customised settings for sites like mine. It was a little scary, to be honest. Up until then I'd assumed that the spams were from automated spiders who just recognised likely comment forms and filled them in; but this showed that there was at least some human element and I was being targeted for spam.
I gave up for a while and ignored the flood of guestbook spam.
Then last week I had a brainwave: Blogger has a built-in CAPTCHA system for comments, why not use that? I set up a new blog on Blogger, and lobotomised my custom template to make it work purely as a guestbook. It worked quite well.
For about a day. I've already had at least 3 spams.
Which is really disturbing. It means that either the spammers have got to a level where Blogger's CAPTCHA is no longer a hurdle, or there's at least one human out there being paid (I guess) to spam sites like mine manually.
What do you think is going on?
By the way, my guestbook is now CAPTCHA-protected and moderated, so no more spam. Just hassle for me.
"Luckily" they only tareget 4 particular posts, so cleaning up is a simple if tedious task. They seem to be from Moldova, according to the whois lookup.
With in a couple of days I was getting a dozen spams a day, so as a quick fix I rearranged all the fields on the comments page and the spam stopped for a couple of days, until they tweaked their program to work with the new layout and away they went again.
Finally, I rewrote the page so I now moderate all comments and eventually after three months of hassle the spam seems to have dried up. I really don't know what they expect to achieve, but I guess it shows they're getting desparate if their targeting sites like mine which only get about 1,000 hits a day. W*nkers!
Post a CommentPermalink Subscribe to comments: this post | all posts
<< T*Blog Home