« Limyaael's rants | Main | Some guy reviews books so I don't have to »

mt-commentproxyblock

I have installed mt-commentproxyblock even though the web page didn't say whether it worked with my creaky old version of Moveable Type. So this will be your test post to see if it's broken the blog and especially comment submission. This plugin's supposed to be really good, by the way.

Update: The plugin doesn't break commenting, but it doesn't appear to do anything useful either. I had another 50 comment spams to archived posts (I still haven't finished closing the archived comments, which is a hugely time-consuming process) this morning, so another hour of my time, on Sunday morning, was stolen from me by those scum.
I've had some suggestions to help solve the problem ranging from intelligent (non-image-based) Turing tests to upgrading to MT3.*. All of these take time to implement and test so it may be a while before I get around to working on them. In the meantime, I will continue to barricade the blog. Apologies if this causes any inconvenience.
Update #2: I have also just got my first, albeit minor, wave of trackback spam. I really want to kill someone painfully with my bare hands right now.

By the way, this latest spam run can probably be blocked by adding some regexes to MT-Blacklist for the email address that this particular bastard likes to use. Here's what I added:
\absinth451[^\s.]
\luba8730[^\s.]
\absolut[^\s.]
\napoleon[^\s.]
\bushmills[^\s.]
\johndoe[^\s.]
+grey_goose+

The Blacklist complained a bit about these regexes, but accepted them. Let's hope they work - it's not like I fully understand the Blacklist's regular expression syntax, or even care to learn it. I just want the fuckers to leave me the fuck alone.

Comments (10)

cmkaapjes:

Looks OK to me

Another test. Is this doing anything?

smilodon:

a test? Will this be graded on a curve?

xmung:

i always fail tests! :(
(death to spammers!)

Squiddhartha:

I finally couldn't take it any more, and shifted from Movable Type to WordPress. Even when mt-blacklist was successfully rejecting the comment spam, the load a spam run would put on my poor P200 webserver was effectively a denial-of-service attack.

I hear that a lot. Thanks for reminding me. I will look into Wordpress if that's a more secure system overall, and isn't too much of a nightmare to set up.
However, that too will take time.

NC:

Wordpress indeed have it covered, I have just used some code to kill the spammers from their site, and you can moderate comments that contain URLS.

Its a good program...

NC:

Wordpress indeed have it covered, I have just used some code to kill the spammers from their site, and you can moderate comments that contain URLS.

Its a good program...

Squiddhartha:

I haven't evaluated their overall security per se, but by default, all comments are moderated -- and since shifting I've only had one attempt, so it would seem to be less of a target.

Post a comment

(If you haven't left a comment here before, you may need to be approved by the site owner before your comment will appear. Until then, it won't appear on the entry. Thanks for waiting.)

About

This page contains a single entry from the blog posted on January 15, 2005 11:59 AM.

The previous post in this blog was Limyaael's rants.

The next post in this blog is Some guy reviews books so I don't have to.

Many more can be found on the main index page or by looking through the archives.

Creative Commons License
This weblog is licensed under a Creative Commons License.
Powered by
Movable Type 3.34