Oct
13
2003

comment spam

Spammers have found a new target: Weblog and messageboard comment forms. I’ve heard a little about comment spam — unsolicited advertisements for, say, products or porn sites posted to blogs and messageboards, sometimes en masse — over the past couple months, but didn’t think much of it until this weekend, when my blog got hit with 20 spams (one burst of 10 on Saturday, another on Sunday) ostensibly “commenting” on various individual entries. There’s a vulnerability in Movable Type that allows people to directly access the comments CGI file and post comments to random entries in short succession. Thank goodness for the online MT developer community — Some people have already come up with countermeasures.

Later today, I’ll be installing a blacklist plug-in to prevent questionable content from being posted as as a comment to this blog. I’ll also be following some advice from other MT’ers to prevent people from directly accessing the comments CGI file. scriptygoddess offers a few good hints, too.

Posted at 9:43 AM in technology

Previous entry: quote of the day: public interest (quotable) | Next entry: online journalist as isp? (online news)

Comments

Wired ran a story yesterday about comment spam, too. (“Spammers Clog Up the Blogs” - 10/24/03)

After a wave of aggressive spam attacks this month, bloggers suddenly found themselves scrambling for antispam weaponry and confronting the questions that have bedeviled e-mail and Usenet for years. How much openness can blogs afford? What freedoms are bloggers willing to trade to keep spammers out?

The writer interviewed Jay Allen, who recently developed a blacklist plugin for Movable Type.

An interesting comment about why spammers are targeting blogs — and why it may not work.

Danny Sullivan, editor of SearchEngineWatch.com, however, said comment spammers may be overestimating the influence blogs have over search-engine results.

“There have been some misconceptions that blogs have almost superhuman power over search engines, which is not the case,” he said. “Some people may have bought into that hype and believed that all they needed to improve their ranking was to get a bunch of links from blogs.”

Sullivan added that whatever effect comment spam had on search-engine results would be unlikely to last long. “All spamming types of things are failing strategies,” he said. “They may work for a very short period of time, but search engines come back, and it’s another step in the constant arms race between search engines and the people who optimize for them.”

Posted by alykat on October 25, 2003 12:06 PM

Comment thread closed because, ironically, this entry keeps getting gobs of comment spams.

Posted by alykat on March 30, 2004 4:23 PM