
Are You Getting Spammed Too?

The other day I opened up my blogs and saw that they had a huge influx of comments. As this was rather unusual, I checked the moderation queue and, to my surprise, found a huge amount of comment spam. Weirdly though, the spam contained none of the usual links; instead, each comment contained a random string of letters and numbers, like “j2miob2e5gylwz9w”.

As if that wasn’t weird enough, it seems that the spam got through Akismet multiple times. The spam messages came from these IP addresses:

  • 94.102.60.150
  • 94.102.60.151
  • 94.102.60.152
  • 94.102.60.153

Searching Google with the IP addresses brings up a lot of discussion about the spamming incident. Apparently, this has happened to a lot of blogs over a short period of time, and most, if not all, of the affected blogs were on WordPress.

So, what on earth was that about? It seems like somebody’s testing a brand-new spam tool that actively targets WordPress blogs. I’ve already blocked the said IP addresses via .htaccess, but who knows when the next spam attack will come?
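An .htaccess block for the four addresses listed above might look like the following. This is an added example, not the author's actual file; it assumes the file sits in the site's document root and that the server's AllowOverride setting permits access-control directives there.

```apache
# Added example: deny the four addresses named in this post, site-wide.
# Requires AllowOverride AuthConfig (Apache 2.4 "Require") or
# AllowOverride Limit (Apache 2.2 "Order/Allow/Deny") for this directory.

# Apache 2.4 and later (mod_authz_core)
<IfModule mod_authz_core.c>
    <RequireAll>
        # Everyone is allowed except the negated addresses below.
        Require all granted
        Require not ip 94.102.60.150
        Require not ip 94.102.60.151
        Require not ip 94.102.60.152
        Require not ip 94.102.60.153
    </RequireAll>
</IfModule>

# Apache 2.2 fallback, used only when mod_authz_core is absent
<IfModule !mod_authz_core.c>
    # Allow rules are evaluated first, then Deny; a match on both is denied.
    Order allow,deny
    Allow from all
    Deny from 94.102.60.150
    Deny from 94.102.60.151
    Deny from 94.102.60.152
    Deny from 94.102.60.153
</IfModule>
```

Blocked clients receive a 403 response. If the site sits behind a reverse proxy or CDN, Apache sees the proxy's address rather than the commenter's, so the block has to be applied at the proxy instead.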

This is probably the best time to brush up on some basic comment spam prevention tips. WordPress has some built-in spam prevention features, like:

  • Keep comment moderation on; make sure that people need to have a previous comment approved first before they can successfully comment.
  • If a comment has more than two links contained in it, it should be automatically moderated.
  • Fill out the “common spam words” form in WordPress so that comments get moderated when anything within the comment (including the author URI, author name, author email and the body of the comment itself) matches the words in the blacklist.
  • Akismet may not be built in WordPress by default, but it is included in the installation and installing it is the first thing I do when setting up a new blog. It still is the best spam filter out there.

If you have other anti-spam measures you implement on your blogs, just drop a comment and tell me about it.

Categories: General, WordPress Tips


Comments

  1. Manuel says: 11/15/2008

    Yes, I had these spam comments, too. Akismet didn’t help.

    I have a question, since you speak of the .htaccess file. I would love to see a post describing what it is, what it’s useful for and how one makes one.

    cheers,

    Manuel


  2. Wib says: 11/15/2008

    First of all I got the random letter spam and then today I received a couple of spam comments from the same IP address containing around twenty links that are comprised of random letters.

    I’ve just installed WP-reCAPTCHA to see if that’ll stop it.


  3. Infinityvers says: 11/15/2008

    I don’t like Akismet so I use reCaptcha instead.


  4. David de Beer says: 11/15/2008

    hmm, Akismet was utterly useless in the last while’s spam attacks. Had no idea this was a general thing actually. I do know WP-Spamfree was much more effective in cutting the spam off than Akismet was (I turned the latter off, and activated the former and no more spam since).
    but yah, comment moderation is non-negotiable.


  5. redwall_hp says: 11/15/2008

    I’ve been getting them too now and then. The really odd part is there isn’t any comment link. Just random text. What’s the point? What do they get out of it?


  6. Vince says: 11/15/2008

    I got some as well the other day. They had no links at all including the user name URL and that is why Akismet did not see these as spam. It does look like someone is trying out a new “tool” but when they start adding links Akismet should stop them. I’m hoping this is only spam and not a hacking tool being tested.


  7. Vince says: 11/15/2008

    Just checked my spam folder as it has been a couple days. I now have the same IP trying to spam with links. Akismet did catch them and set them aside. I went ahead and blocked the IPs just in case. How lame…..


  8. Ajay says: 11/16/2008

    I just mark them as spam. I’m sure Akismet will learn in time :)


  9. David de Beer says: 11/16/2008

    incidentally, I got the exact same spam via my contact form today. banned the IP it originated from, but it does seem as if I’ll have to stop being lazy and get a proper spam protected contact plugin.
    the one I’m using right now just employs some simple math to verify the human-ness. clearly not enough.


  10. Wib says: 11/16/2008

    Well WP-reCAPTCHA doesn’t work as I’ve just received another spam comment from 94.102.60.153. It’s another one of the twenty links of gibberish style ones.


  11. James Turnbull says: 11/17/2008

    We’ve been receiving hundreds of these comments each day since a couple of weeks ago. Akismet isn’t helping, and doesn’t appear to be learning them. Initially they had empty URLs, but now they have started adding in links to splogs.

    I installed WP-hashcash alongside Akismet and it’s successfully blocked all of these comments with no false positives so far.


  12. oneighturbo.com says: 11/20/2008

    We use http://www.defensio.com and http://wordpress.org/extend/plugins/wp-hashcash/

    Defensio has a 99.49% rate with 193 false neg. out of 39987


  13. Gift Blog says: 12/1/2008

    yes me 2


  14. Bohack says: 12/1/2008

    Me too… so I tried installing the plugin easyban and I banned the above mentioned IPs. It works really well. Hope this helps.

    Jon


  15. rsfrs says: 3/21/2009

    Nice article and I feed your posting


  16. cocktail mixing says: 4/5/2009

    Very nice information. Thanks for this.
