Oh no… (Comment disabled)
in Movable Type
I just got some (wait, not some, hundreds!) spams on my comments. Yes, hundreds within few minutes. Thanks to MT-Blacklists. Some spams can avoid the blacklist filter, but overall, the MT-Blacklists is a great plugins.
The problem is not only about how many spams can be filtered. Deleting the unapproved comments is killing me. Ten is ok, twenti is fine, but hundreds? :(
Well, there are some alternatives to avoid kind of situation. Possible options (using MT):
- MT-Blacklist
- Using Security Code
- Comment Moderation
- Typekey sign-in
- Closing comment on old entries (but the last spams comes entries posted this week!)
Now, I temporary remove my mt-comments.cgi files. I am not sure what the best way to prevent spammers’ attitude; attacking my mt-comments.cgi or something. And it seems that not only MT-based blog got such spams yesterday. :(
Update: Dan ‘SimpleBits’ Cederholm also experienced the same case. I am not sure whether the comment spammers have similar IP, strings or pattern with mine. He pointed a link at Elise’s Learning Movable Type about Concerning Spam.
So, these are what I have in this weblog (not all related to comment spam):
- Comment enabled (I will see whether alternative taken can handle the spammers)
- MT-Blacklist still activated (I think it is a bad idea to remove it)
- I upgraded to the latest MT — MT 3.121
- Re-manage category archives (using Sub-Categories) and providing the Category RSS.
Well, let’s see what will happen next… Have a nice holiday all!
This entry receives 8 comments.
Thomas
Testing after making some changes related to comment.
Nov 1, 2004 at 4:53 am
Ben
udah gak pake ‘captcha’ ya? :)
skrg kudu ‘preview’ dulu ya?
efektip mana ya?
Nov 2, 2004 at 10:29 am
Thomas
Ben, ya captcha (MT-SCode) pernah saya coba pakai, dan itu sangat bermanfaat saya rasa.
Sementara ini, yang saya lakukan selain memasang MT-Blacklist, juga me-rename file mt-comments.cgi dengan nama file lain.
Mengenai preview, sebenarnya ini cenderung karena saya mencoba mengaktifkan (memperbolehkan) HTML tags untuk dimasukkan dalam komentar. Dan kali saja ini juga cukup ‘efektif’ untuk mencegah itu spam. We’ll see… :) Trus, gimana WP mu? Moga-moga aman juga…
Nov 2, 2004 at 10:37 am
Ben
ya, aku rasa juga pakai ‘preview’ cukup aman dari serangan.. krn logikanya gak mungkin si spammer sabar preview satu-satu… :D
SimpleBits juga pakai ‘preview’ dulu ya..
sayangnya di WP blon ada ‘preview’ buat comment :(
WP di tempatku sih sbnrnya ‘cukup aman’, dalam artian spam yg masuk gak sampai lolos dan keliatan di web… ada 3 plugin anti spam yg aku pakai.. tapi pegel juga tiap hari hapus dan masukin ke daftar blacklist :(
makanya skrg pengen masang captcha juga nih… kebetulan tadi Idban kasih tau soal WP AuthImage Hack :)
Selamat berjuang! :)
Nov 2, 2004 at 11:12 am
Thomas
Well, paling tidak, sampai saat saya nulis ini, tidak ada spam satupun yang masuk. Untuk WP, walaupun itu tidak nongol di web, tapi ada di comment list user area males juga yah.
Pas saya dulu liat WP-nya Lala, busyet, banyak banget. Tapi saya pribadi, memang sebisa mungkin jangan sampai masuk saja itu spammer. Jadi, pekerjaan delete-delete juga gak perlu.. :D
Nov 7, 2004 at 8:08 pm
amal
Wah, kalau mau hapus komentar yang tertahan (not yet approved) jangan manual dong. Tembus saja ke SQL:
DELETE FROM wp_comments WHERE comment_approved = ‘0′
Yang jelas, WP tidak perlu rebuild lah… :p
Nov 17, 2004 at 9:31 pm
joko
wah sori ikut nimbrung nih
saya baru make wp blm genep 2 bln dah kena spam.tolongin saya dong gmn ngilangin nih soalnya baru blog dikrim dah langsung ada itu spam kayak auto gitu.
help me pls
Nov 18, 2004 at 4:28 pm
Thomas
Joko, saya rasa WordPress Wiki akan banyak memberikan penjelasan mengenai hal ini. Coba deh check di sana.
Nov 18, 2004 at 9:08 pm