[lists] [wp-hackers] Anti-spam Idea

Elliott Bäck ecb29 at cornell.edu
Sat Dec 18 20:35:55 UTC 2004

One problem I see is that a flood of comments isn't really an indicator 
of spam.  For example, when you post a new post on a popular blog, 
you'll end up getting a lot of comments at first, and less later.  Also, 
if someone big links to an old post you'd still get that comment 
flood... it would be really hard to come up with heuristics to classify 
spam.  In fact, I wager that all heuristic methods for combating spam 
are inherently flawed.

But automatic creation / modification of .htaccess is a cool idea!

Elliott C. Bäck

119 Blair St. #2

Podz wrote:

> First: I know zip about the technicalities, it's just an idea I've had 
> after reading many blogs and articles recently.
> 1. Install plugin
> 2. Run part#1
> - This queries the database and takes an average of comment numbers / 
> time after discarding the top couple of posts (I think most people 
> have a couple of posts where comments have gone on much longer than 
> normal). This suggests two values: no. of comments and span of time.
> User does something that sets the values
> 3. Run part#2
> - This takes an initial value from the user as a seed and creates a 
> couple of names
> 4. Plugin is now up and running. (It could do other anti-spam stuff too).
> 5. Plugin writes a constant log of activity - a bit like a "Blog Black 
> Box" of code. This is set to record either by log size or number of 
> events. It writes against all the criteria that would cause the next 
> stage to kick in: IP / time between comments / no. of links / no. of 
> spamwords used and it does so in a way that would be intelligible to 
> anyone who runs a server. It can't be written so only the author can 
> understand it - or you'll be the only one doing support.
> 6. Once the values set in #2 are hit, plugin:
> - renames (using values from #3) any wp-comments* files and renames 
> the comments table in the database
> - writes a lot of values to .htaccess to 'deny from'
> - emails the blog owner
> - does something that indicates on the blog that all commenting is 
> currently closed
> - now writes the constant log but does so to a higher log size so as 
> to capture everything subsequent to the attack, or writes another so 
> the attack triggers are retained for future use.
> 7. Blog owner runs something that reverses the name changes, reminds 
> them to take a copy of the log, undoes the .htaccess ... and whatever.
> Like I said, I know nothing about coding - you should know that by now 
> :) - so please don't shoot me for this idea eh ?
> Cheers,
> P.
>hackers mailing list
>hackers at wordpress.org

More information about the hackers mailing list