Cutting out comment spam

by oneafrikan on April 27, 2006

OK, so I’m not a fan of the Akismet approach for one or two reasons, and it seems that although making users log in to comment works as an anti-spam device, it doesn’t encourage random people to comment, and lets face it, that’s half the joy of blogging – you meet loads of people from all over the world, just ‘cos you wrote something.

So I disabled the “you must be logged in to comment” thing, and as soon as I did I started getting comment spam again, like 10 or so an hour. And it pissed me off – my inbox just doesn’t need it, and I don’t want to delete another spam comment ever again if I can help it. Hence the need for another solution…

Along comes Adrian and George, commenting to my post about comment spammers, offering up “did you pass math” as a solution.
So I did some reading here, here and here, and then installed it, and I have to say that the sheer simplicity and gracefulness of it makes me think that there is still hope (for what, you’ll have to decide)… After one or two tweaks of my own, I’m happy as Larry and good to go. Thank you Steven!

My recommendation – try it – you won’t be disappointed.


‘did you pass math’ sounds like an interesting solution, but it doesn’t offer a high level of protection. It’s useful as long as it’s not well-known; if there were some incentive to get around it (e.g., if it were to be bundled with WordPress or Blogger = large audience), doing so would be a nearly trivial task.

Image generators are much harder to crack due to the fact that optical character recognition is much harder than parsing a string like “what is the sum of 4 and 9” (or even “four and nine”).

by neven on April 30, 2006 at 5:37 pm. Reply #

Yea, completely. But it does work for me now ;-)

In my ideal world I’d have a solution that was able to randomly spit out either a CAPTCHA form, something along the lines of “did you pass maths”, and perhaps a generic question (like: is an apple a fruit or a vegetable?) where the answers are stored in an array of sorts. Just an idea now, but if I find that the spammers are getting through, then I’ll either try develop it myself further, or wait to see what the author comes up with…

by Gareth Knight on May 2, 2006 at 10:27 am. Reply #

Gareth Knight: Your idea is a terrible solution (I never did understand social niceties..) That way, a spam bot need only keep refreshing the page until it gets a question it understands. So, like now, it works fine when it’s obscure.. but only then.

Perhaps a solution would be to have each blog with a different way of doing things – maybe randomized (but hardcoded per blog) form titles, positions, questions asked (which would be picked from a Very Very Very Very Big list). It wouldn’t work for big blogs, though; there would be incentive to make a spam bot /just for that/.

So, be obscure, be spam free.. or use CAPTCHA.

by Anonymous on May 31, 2006 at 11:13 am. Reply #

Leave your comment


Required. Not published.

If you have one.

Protected with IP Blacklist CloudIP Blacklist Cloud