Comment Spamming
I guess the release of PolarBlog V1.4.0 was timed just right…
This morning when I checked my email I had a message that a comment was posted to my Ski Masks blog entry. Initially I thought there might be another bug because the message was just a URL, not a text message. Upon further review I must proclaim that PolarBlog is now officially "mainstream" as this is the first known incident of comment spamming. It came from 218.79.133.250 located in China. It says it's an assigned address so I'm going block it by the full IP and see if I need to block a range or not.
The next major milestone for PolarBlog is making it to "Big Time" status. That's when your PolarBlog installation starts getting flooded with automated comment spamming…which at this point I don't believe this to be. We shall see if the rogue returns.
Tim said:
My experience with comment spam started out small, but now when it happens I get 30-40 at a time. Someone has a bot that keeps spamming me. My guess is you will start getting hit harder as time goes by. I'm using WordPress for my blog and it has a Spam catching feature(keywords, addresses, etc...) which requires me to approve spam comments before they go live. Maybe you should put this feature in PolarBlog.
My original post about my blog getting hit can be found here: http://blog.speljamr.com/index.php?p=60
Kevin said:
I remember reading your post regarding getting comment spammed. I knew it was only a matter of time before I started getting comment spam of some kind. I just thought it was rather interesting that it happened right after I released the IP blocking modification.
I don't believe this was an automated hit or there likely would have been more of them. I doubt PolarBlog has gotten big enough that someone has take the time to write a spamming bot for it. The next step will be to implement a token generated by the system which is embedded in the form and stored on the server. If you don't have a valid token, you can't post.
I know WordPress and some of the other big name blog packages have had a really tough time dealing with this nonsense. I'm hoping because my user base is small enough that it won't become a big problem with PolarBlog.