My iPhone Apps
Advertising
print pageFight the spam part X
A long while ago I've implemented a Spam protection JavaScript for ve_guestbook developed by Christoph Neumüller. This protection was cracked by the spammers by teaching their bots JavaScript or whatever.
Anyway, he developed a new version which works a bit different and I am of the same opinion, that this protection will be very hard to crack. He describes the method on his homepage [1]. For all of you who doesn't understand German I give you a small abstract:
The point is that the most spam bots want to place an URL in a field called "homepage", "hp", "url" or whatever. In most other cases placing links doesn't make sense for them. Now here comes the trick.
We create a kind of honeypot consisting of a field with the name "homepage" which is hidden for the user via CSS. A new field with a random name will replace it in the form. You can call it "spammers-suck" for example.
All we have to do now is, to add a small piece of PHP in the pi1 class of ve_guestbook to check if the hidden field contains anything. If that is the case, a spammer tries to infiltrate our guestbook. That is the point where we simply exit the guestbook code and print out a nice message for the spammer.
As you can see, the method has a small hitch. We have to change the sourcecode of ve_guestbook. I hope the author of that extension will implement that or at least add a usable hook at that point. We will see! :-) In any case: Thank you Christoph!!!
I have implemented this now on the comment form and I will look at the amount of spam that comes in the next days / weeks.
Greets,
Thomas
- Related News:
Oh man... Massive spamming ... again - 22-10-07 09:55
- Links:
[1] Original article (german)
7 Responses to “Fight the spam part X”
#2: Martin Adler commented on Tuesday, 19-06-07 15:39
@Ingo: why use an easy way, if there is a difficult one? ;-)
#3: Ingo commented on Wednesday, 20-06-07 07:25
what's difficult about just installing an extension?
#4: Thomas commented on Wednesday, 20-06-07 08:14
@Ingo: I guess he meant that I do it with JavaScript instead of just installing an extension.
Well, I use both things now because I want to test how akismet protects me from trackback spam.
Greets,
Thomas
#5: Michael Fritz commented on Wednesday, 20-06-07 15:45
I wonder what is so brilliant about mf_akismet? imo it just gives you the option to mark comments as spam which is no big deal compared to deleting entries in old school style? for me neither mf_akismet nor timtab_badbehavior works..
but hopefully the javascript thing is a solution..
#6: Thomas commented on Wednesday, 20-06-07 15:48
@Michael: You have to have an account at wordpress.org. There is an webservice running that checks your incoming guestbook posts for spam. You don't have to mark them manually.
Greets,
Thomas
#7: Micha commented on Friday, 22-06-07 19:27
I think I need to write a manual with a good "What does it do" *g*
Leave a Reply
Calendar
| M | T | W | T | F | S | S |
|---|---|---|---|---|---|---|
| « Feb | Apr » | |||||
| 1 | 02 | 03 | 04 | 5 | ||
| 6 | 07 | 08 | 9 | 10 | 11 | 12 |
| 13 | 14 | 15 | 16 | 17 | 18 | 19 |
| 20 | 21 | 22 | 23 | 24 | 25 | 26 |
| 27 | 28 | 29 | 30 | 31 | ||
Latest comments
- paul blondiaux
Waouuu ! Great, 1000 thanks, THomas. I'm already having great fun trimming the app. ;)...
- paul blondiaux
Waouuu ! Great, 1000 thanks, THomas. I'm already having great fun trimming the app. ;)...
- Thomas
Hi, lottery closed. Tremendous number of attendees... ;-) Winners should have their licenses in t...
- Holger Gebhardt
I was really happy to find this nice tool, over your blog. i used keepassx, but its really uncomfort...
- Firma
Could anybody tell me where I can get more about setting Smarty with Eclipse ?
Blogroll
Advertising
Meta
#1: Ingo commented on Tuesday, 19-06-07 12:18
you could also simply use mf_akismet, does an awesome job, even on buzz.typo3.org ... no more spam, install and be happy