15 February 2013

Word verification on comments

I hate to turn on this feature as it creates another threshold for comments but with the crazy amount spambots bombarding my blog recently I feel like I have to. Most of the spam has been ending up in the spam filter, but a large amount of crap still makes it to the comment section.

Sorry for the inconvenience. If things settle down I will revert back to the "no verification" mode.



  1. Sadly even with this verification spambots with be able to pass it - I've noticed it on my deceased blog ;) I think only proper option to get rid of them would be change of settings that You need to manually approve every comments.

    1. Ah sucks to hear, no I have no intention of creating that obstacle. I'll see how this works out, I've noticed that the spam is increased if I don't run CCleaner at least once a week. But really, the last couple of weeks have been abysmal with insane amount of spam. Up to this point I got maybe 1 or 2 spam messages in the filter per day, some days it has increased to over 50 in the filter and 5-6 posted on the blog...

  2. Yes it's a pity the spammers have educed the web's usefulness in many ways. Think of the wasted computing power as all our emails filter out the deluge. And think of the human time wasted inputting CAPTCHAs... But I don't mind so much as long as it helps stem the tide.

    (I have heard rumours that spammers are defeating CAPTCHAs by setting up porn websites and making their human visitors solve them to get the free pics. I'm not sure how well that would work though.)

    1. Man that sounds messed up, so far so good on the spam front.

      The real downer with the CAPTCHA especially in Blogspot is that they are often very hard to quickly decipher, some of them are impossible to read so you have to cycle through a couple. It just creates an unwanted obstruction.

    2. Two ways that works. First is as they get a steady stream of traffic they then go and hit legitimate sites. When the captcha comes up they scrape it and re-present it on their website. A user there solves for it and they submit. If it fails, they get their user to solve for it again.

      Second they build up a database of the various CAPCHA algorithms and can, over time solve a large number of captchas instantly because they just look up the signature of the captcha and respond with the now known key.

      Spam is big business. More malware was written in the last 2 years than was created in all of time before it.

      While free access to the Internet is considered a very good thing - sometimes it seems like it would be better if there were someway additional authorization could be made to get an authoritative identification of the user.

  3. I can't help you on Blogger, but for WordPress there are several plugins that do a fine job of filtering out spam before I ever see it. For comments they include an input field that is visible to spambots but not to people. The spambots fill in the field thinking that it's legit and take themselves out. Very clever way to exploit their unthinking nature.

    My real problem was spam user registrations, of which I was getting a handful daily (until I installed a plugin that took care of that issue). Why the heck would a spammer want to register as a user is what I still haven't figured out...

  4. So far so good, zero spam today/since the filter. I admit it is quite refreshing.

    @Nick, that sounds really good, shame blogspot are slow with innovations like that.


Related Posts Plugin for WordPress, Blogger...