Should we make blog comments password-accessible only?

I’m getting increasingly pissed off by the spam porn “comments” appearing on Troppo Armadillo, especially because it seems the spammers have now decided to target us every day, and with a particularly nasty type of spam (beastiality, incest etc). We’re now getting 10 or more such “comments” every single day, and it takes me 20 minutes or so to delete them each morning, time I then don’t have available for blogging.

From what I could work out from the comments to my recent post about this, Scott Wickstein has installed MT Blacklist on his domain, but hasn’t given his blog authors (including me) the permissions to access that area. As a result, he suggested that I email him whenever we get a spam attack, giving all the details so he can block them. However, all that would be very time-consuming. I’m certainly not prepared to leave noxious stuff like that up on the blog for a day or more while Scott gets time to do something about it, and I doubt that I have the time or patience to record all the details (IP address etc) for each of the 10 or more spam messages that get posted every single day now.

Moreover, from what I can see, these latest batches of spam each seem to emanate from totally different IP addresses. Presumably the spammers don’t have an infinite variety of available addresses, but they clearly have quite a few. Thus it seems unlikely that IP address blocking would be very effective anyway, at least in the short term. Filtering for specific words might conceivably be more effective, but given the occasional ‘post-moral’ content of this blog (e.g. yesterday’s post on the etymological roots of “cunt”), that could be quite inconvenient.

What I might have to consider doing is getting someone to install a system requiring commenters to register and obtain a password to allow them to comment on Troppo Armadillo. I’ve always resisted that expedient until now, because it substantially reduces the freedom and immediacy of access to commenting, which for me is one of the major attractions of blogging. But when you get confronted every single morning with repulsive comments containing links to beastiality, rape and incest porn, maybe it’s the lesser of two evils.

I invite discussion from readers on the best way of combatting this scourge, as well as offers of assistance from any techie gurus prepared to assist. Implementing a workable passwording system is likely to be well beyond my limited technical capabilities, at least within the even more limited time I have available.

Incidentally, to emphasise how concerned I am about this problem, I would seriously consider simply closing down Troppo Armadillo if I can’t find and implement a reasonably easy, viable way of stopping this spam porn. I’m not prepared to continue providing a vehicle for these scumbags to peddle this stomach-churning effluent of diseased human minds.

PS – I suppose a slightly less drastic alternative might be simply to disable MT commenting completely for this blog. Personally I don’t think I’d bother blogging in the absence of the dialogue that commenting facilitates, but it might interest Wendy, Geoff, Wayne, “B” etc.

About Ken Parish

Ken Parish is a legal academic, with research areas in public law (constitutional and administrative law), civil procedure and teaching & learning theory and practice. He has been a legal academic for almost 20 years. Before that he ran a legal practice in Darwin for 15 years and was a Member of the NT Legislative Assembly for almost 4 years in the early 1990s.
This entry was posted in Uncategorised. Bookmark the permalink.
16 Comments
Oldest
Newest Most Voted
Inline Feedbacks
View all comments
Andrew Norton
Andrew Norton
2022 years ago

Ken – There are some suggestions you might find useful over at Catallaxy, which has also faced this problem.

Ken Parish
Ken Parish
2022 years ago

Andrew,

As far as I can see, the discussion on Catallaxy simply consists of C8to advising that he’s implemented MT Blacklist and that individual authors should be able to access it. Our host Scott Wickstein has also apparently implemented MT Blacklist, but doesn’t know how to make the facility available to authors other than himself. Maybe C8to might be able to tell us/Scott how to do that.

MT Blacklist seems to be content filtering rather than IP address exclusion. However, the documentation (see http://www.jayallen.org/projects/mt-blacklist/latest/) argues that content filtering is better because spammers can easily defeat IP address-based filtering with dynamic IP addresses. That is certainly borne out by the seemingly unique IP addresses of each of the spam “comments” appearing here at TA. MT Blacklist apaprently allows search and filtering/blocking of any comment containing designated strings, including URLs. That probably WOULD be effective, as explained below:

“MT-Blacklist works because it focuses on one that is far more difficult to change and is in fact, the most important part of the spam: the spamvertised URL.

This is the spammer’s weak point. Unlike email spam, the motivation is not to sell you or your visitors anything or even to get you to click on their links. The most solid theory for why comment spamming exists —

Dan
Dan
2022 years ago

I run MT-Blacklist on my site, and it quite happily accommodates multiple authors. It uses the normal MT logon (which, if you have it stored as a cookie, you don’t have to enter every time), and allows you to update the blacklist and delete any comments that you have editing privileges for. The only drama I can see for a group blog like TA is that spam comments will be posted to a lot of different authors’ posts, so unless Ken has the authority to edit/delete other authors’ posts, he would have to rely on them to do it themselves. Dealing with comment spam with MT-Blacklist is a two-click process – click on the link in the notification email to take you to the blacklist page, then press the button to add that URL to the blacklist, delete the comment and rebuild the database. If you’re getting 10 a day, then it could take a few minutes, but not that many, and if the URL’s were being continually blacklisted, the number should drop fairly quickly anyway (I get about 10 blacklist denials for every new comment spam that comes through. A few days ago MT-B successfully blocked 9 in a day.) It would be even better if the other blog authors on TA were keeping an eye on their own comment notifications and doing their own 2-click blacklisting/deleting, so that you’d only have to do it for your own posts.

Scott Wickstein
2022 years ago

Ken check your email- I’ve sent you that which I hope will cure your spam ailment.

Ken Parish
Ken Parish
2022 years ago

Scott,

I can’t readily check my old home email any more frequently than about once a week. So if you get time to forward your email to me at ken.parishAT cdu.edu.au, that would be appreciated. I’ve emailed you with this message as well.

Yobbo
Yobbo
2022 years ago

Ken: Samizdata uses a system which requires commentors to enter a “security code” when submitting a comment, which effectively blocks any bots from commenting on your site. It’s a lot less intrusive than passwords and should solve your problem.

Yobbo
Yobbo
2022 years ago

take a look here to see what i mean

Nabakov
Nabakov
2022 years ago

But I only come here for the spam.

Because of those useful consumer information messages, you should see what I can now raise for Geoff’s ‘penis size for profit’ post – thanks to those wonderful people at (deleted).

David Tiley
2022 years ago

I hate the bastards. Am waiting for MT blacklist to be implemented in my beauteous neck of the woods. Manual deletion though is fairly fast. Title onto search, find site, edit, click delete, do so, back to site, get search… rebuild at end. But I hate it…

Tony.T
2022 years ago

Bailz has set something up for us over here at the DW that whenever we get the email telling us a comment has been left, there’s a link at the bottom that when clicked takes us to a site that immediately gets rid of all spam addresses contained in the email as well as deleting the comment itself. A gun system.

boynton
2022 years ago

It’s just taken me 2 hours to delete latest batch.

Heart’s not in blogging today, and makes me re-think the enterprise.

Ken Parish
Ken Parish
2022 years ago

Thanks for the advice everyone.

Scott has now given me access to the MT Blacklist system he’s installed on the Ubersportingpundit domain. I’ve added the URL strings from this morning’s charming incest spam comments to the Blacklist. We’ll see how it works. I didn’t receive any rape or beastiality ones today, so deleting and blacklisting them is no doubt a pleasure I still have in store at some stage over the next few days.

I’m cautiously hopeful it will be successful. We DO seem to have stopped receiving the Viagra, anti-depressant and penis enlargment spams since Scott installed MT Blacklist. They had previously been the most frequent types of blogspam we’d been receiving.

I suspect that the far more repulsive (and more frequent) hardcore porn spam we’ve been getting bombarded with over the past week may be a direct result of my inserting the “SpamPoison” URL on the site (after finding it at Rob Corr’s blog). It might have corrupted the spammers’ database (as designed), causing them to retaliate and target us for especially virulent and frequent spam attacks. That’s probably why these URLs had not previously been registered in Scott’s Blacklist.

John Quiggin
John Quiggin
2022 years ago

I got a dozen or so last night, but MTBlacklist dealt with them all in a matter of seconds. At this stage, it seems to be an adequate defence.

Geoff Honnor
Geoff Honnor
2022 years ago

For what it’s worth, I share your attitude towards comment-free blogging: doesn’t “work” for me. Not that I’ve been doing a lot of blogging. I’ve been at a conference all week and next week my carefree, freelance existence ceases as I return to the fulltime coalface.

cs
cs
2022 years ago

This post is doomed with all those spam magnet-type words in it Ken. I’d delete it if I was you, or at least close the comment facility.

Ken Parish
Ken Parish
2022 years ago

Thanks Chris. I’ll take your hint and block all further comments on this post.