Ingenious comment spam prevention system

TomTester

This article http://www.rustylime.com/show_article.php?id=338 outlines a great way to beat comment spam. In short: - they analyzed comment spam - noticed that auto-form-fillers always enter data in ALL fields - so they included a real field in the form but HID it from display using CSS (crucial, hidden fields are also ignored by bots) - now only bots would fill in the 'hidden' field (people never would, because they simply could not see it) - any entry containing content in the 'hidden' field can simply be discarded (either immediately or at regular intervals) Nice nice nice. Sounds like a must-have add-on to me! Anyone? Anyone? (i.e. Stash?) T. PS This is in reference to my other post on a spamming bot demo: http://lussumo.com/community/discussion/5074/scary-comment-spam-botnet-demo/

bytte

That technique is not new, it has been around for quite some time. I use it on my own website for a few months already and it stopped about 60% of comment spam. But clearly that's not enough, so I added an extra field with a simple math question generated at random (also a known technique). These two anti-spam techniques combined have proven to be very successful. I have about 1 comment spam a day now. Still not sure how that one slips through though.

TomTester

I guess it's actual human spammers... Like the math question too.

bytte

You can take it as far as you want. The more you confuse the bots the better your protection will be.
Is there much spam in Vanilla forums?

Stash

Heh, I've up to my gills in work atm, and then I have existing extensions to fix unfortunately, so perhaps the Jazz-Man-Machine or SirNot could sort it out?

TomTester

I was teasing slash... admiring your zeal to make the world (or at least Vanila) a better place ;-)