Comment Spam: I'm Sick of It

During the last days, I was heavily suffering from comment spam. And Spam Karma for some reason wasn't able to handle it.

Actually, I decided to no longer trust in anti-spam plugins but rely on security through obscurity. This is: I wrote my own simple but hopefully effective captcha. I decided to rely on simple questions rather than distorted images, since they bring up accessibility problems - it is impossible to read that image if you are blind.

Hopefully this will keep spammers away for a while.

Update: This article was published long ago, when I was running WordPress. I'm not running WordPress any more, but Drupal. Since I'm not running WordPress, there is less comment spam, and the Drupal spam module catches it gently. That's why I don't use this simple Captcha test any more. Particularly this means, there is no need to write a test comment, just to see if it works! It doesn't work, since it is disabled. Trust me :-)

Update: This article covers the same problem for Drupal.

Posted on June 14, 2005 in


Comment by mike

November 30, 2005 - 23:18

Just testing to see if this is still working :) great idea


Comment by Anonymous

January 18, 2006 - 17:34

test


Comment by Anonymous

April 2, 2006 - 03:04

test


Comment by Sencer

June 14, 2005 - 22:37

That's a good idea. I admit I was sceptical when I first heard people suggest such ideas, because in theory it won't hold for long. However in practical use it stands pretty well, especially if you're not very high profile. I am curious what your experiences will be. :)

Regards

Sencer


Comment by Gerd Riesselmann

June 15, 2005 - 07:59

I saw this on some other side (don't remember where, actually), where the question was "Please enter the letter m" - and it never changed ;-)

I think that once this approach turns common, spam robots will try to figure out questions and parse them to compute an answer. My current question for example is quite trivial to understand even as a machine.

However, questions can be changed easily to raise the bar. They can rely on the page content (for example: "Enter the first word after a bracket you find below". Answer: "Email"). They can rely on common knowledge ("E = m*c*c was discovered by Albert..."). And so on. Machines actually need to be teached each bit of information, while humans just know this.

However, I think, the key point is diversity regarding the questions. A plugin with a set of preconfigured captchas will be bypassed within hours, I presume.