October 9th, 2003

Solution for comments spams


Update 4th Feb 2005: Looking for a solution to deal with Trackback spams? Take a look at my TrackbackAntiSpam?

Apparently, there are some automated bots which has been spamming comments on movabletype blogs. While it is easy to ban the IP and remove the posts, it takes a lot of time and effort to play the cat and mouse game.

To cut the story short, I wrote a plugin to MT that will verify if it is a human before it allows comments to be posted. The idea is pretty simple: Display an image with a Security Code and demand the user to enter a Security Code manually before allowing posting to go through.

To see how it works, try posting some comments on this site. [Update 4th July: This is running Drupal but I ported this plugin to Drupal so it works on the site again :-)]

If you like it, you can download it here. (It is pretty rough since I skip my sleep to do this. But it should work. I hope I have covered most of edge cases…)

Update 15th Oct 2003: I wrote another MT plugin which allows you to train your MT to automatically identify spam comments. And it works for trackback too!

Update 2nd Nov 2004: scode-0.1b.tar.gz is available with instructions on MT 3.x and also answering several commonly answered questions.

Update 11th Dec 2004: This entry is now a spam magnet (see today blog entry). At least one comment spammer is attacking this entry to test their technique. I am going to leave this open however so I can use this opportunity to learn their tactic so as to know how to fight them better. In the meantime, don’t be surprise to see this entry get flooded with spams if they got through. (Werid that they choose to attack this entry which is no longer running on movabletype :-)

Update 13th Dec 2004: scode-0.1c.tar.gz is now available with additional script to test your GD installation if you can’t get the image working properly.

For all those found their SCode suddenly stop working, read this from Elisabet’s provider:

Hi Elisabet,
there was a problem with the way cPanel was installing GD. The developer created a script to “clean” any buggy GD installations and re-install. Once I cleaned the installation the script worked ok.


