[typo] AJAX comment spam
pdcawley at bofh.org.uk
Sun Mar 12 18:41:40 EST 2006
Trejkaz <trejkaz at trypticon.org> writes:
> - I receive an IM saying a new comment has been posted, which has a
> link to the admin interface for that article (I'm planning to patch
> this feature into my local branch already.)
> - I go into the admin interface, and hit Delete.
> - The delete confirmation page has a new button, "Delete and Block",
> which adds that IP onto the blocked list.
Hmm... I've been thinking along those lines too.
> The only other thing we can do is raise the bar some more,
> e.g. require OpenID authentication for all comments. But things
> like that, a spammer can always work around. Unfortunately, I
> really, really, really hate CAPTCHA setups, but that's starting to
> look like the only way to stop it.
You can get round CAPTCHAs too by re-serving the captcha images as
legitimate captchas on, say, your porn sites and feeding the punter's
response back to the spammed site. Even if you miss the timeout 9
times out of 10, there's always another punter.
Piers Cawley <pdcawley at bofh.org.uk>
More information about the Typo-list