SF Signal: Blog Spam Update #2

Blog Spam Update #2

Got a chance to look at the backend code for the MT-Scode Captcha plugin and figured out there was a conflict with MT-Blacklist. Once I modified MTBLPost.pm (by adding the same security check at line 75 that was added to comments.pm), the security check started working!

Woo-hoo! Take that, ass-clown spammers!

With this new security measure in place, I will soon work on re-opening all the old posts...

[UPDATE: All old posts have been re-opened for comments.]

Here's an interesting item for you, the king o' spam, John.

The security code is 2 digits the first time you try to enter a comment. If you enter it incorrectly, or not at all, the resulting comment re-entry page uses a 6 digit security code.

Get cracking!

Posted by JP on Monday November 08, 2004 at 11:23 AM

Not sure what that's about. It was set to 2 digits - then I bumped it up to six and rebuilt. Maybe it's a browser caching issue?

Posted by John on Monday November 08, 2004 at 1:21 PM

Damn. Got spammed today. Back to the drawing board.

Posted by John on Wednesday November 10, 2004 at 6:33 AM

Do you have a log of who spammed you and how (at the HTTP level)? That might help us figure out a way to stop it.

Posted by Scott on Thursday November 11, 2004 at 3:11 PM

We can get an IP address, but they are forged.

Posted by John on Thursday November 11, 2004 at 3:36 PM

No I mean the actuall HTTP Post itself - it might help to see the form fields.

Posted by Scott on Thursday November 11, 2004 at 11:51 PM

Not that I am aware of. JP?

Posted by John on Friday November 12, 2004 at 12:18 AM

I don't think we have logs of that.

Posted by JP on Friday November 12, 2004 at 8:55 AM