[lists] [wp-hackers] Anti-spam Idea
Robert Deaton
false.hopes at gmail.com
Sat Dec 18 22:27:02 UTC 2004
Elliot, I do believe when they speak of comment flood they mean from
one IP or a very rapid flood. Few have blogs like /. that get 100
comments within a minute of the first post, so I don't think even
checking for flood at all would be a problem.
On Sat, 18 Dec 2004 15:35:55 -0500, Elliott Bäck <ecb29 at cornell.edu> wrote:
> One problem I see is that a flood of comments isn't really an indicator
> of spam. For example, when you post a new post on a popular blog,
> you'll end up getting a lot of comments at first, and less later. Also,
> if someone big links to an old post you'd still get that comment
> flood... it would be really hard to come up with heuristics to classify
> spam. In fact, I wager that all heuristic methods for combating spam
> are inherently flawed.
>
> But automatic creation / modification of .htaccess is a cool idea!
>
> Thanks,
> Elliott C. Bäck
>
> 607-229-0623
> 119 Blair St. #2
> --------------------
> www.spreadIE.com
> www.elliottback.com
>
>
> Podz wrote:
>
> > First: I know zip about the technicalities, it's just an idea I've had
> > after reading many blogs and articles recently.
> >
> > 1. Install plugin
> >
> > 2. Run part#1
> > - This queries the database and takes an average of comment numbers /
> > time after discarding the top couple of posts (I think most people
> > have a couple of posts where comments have gone on much longer than
> > normal). This suggests two values: no. of comments and span of time.
> > User does something that sets the values
> >
> > 3. Run part#2
> > - This takes an initial value from the user as a seed and creates a
> > couple of names
> >
> > 4. Plugin is now up and running. (It could do other anti-spam stuff too).
> >
> > 5. Plugin writes a constant log of activity - a bit like a "Blog Black
> > Box" of code. This is set to record either by log size or number of
> > events. It writes against all the criteria that would cause the next
> > stage to kick in: IP / time between comments / no. of links / no. of
> > spamwords used and it does so in a way that would be intelligible to
> > anyone who runs a server. It can't be written so only the author can
> > understand it - or you'll be the only one doing support.
> >
> > 6. Once the values set in #2 are hit, plugin:
> > - renames (using values from #3) any wp-comments* files and renames
> > the comments table in the database
> > - writes a lot of values to .htaccess to 'deny from'
> > - emails the blog owner
> > - does something that indicates on the blog that all commenting is
> > currently closed
> > - now writes the constant log but does so to a higher log size so as
> > to capture everything subsequent to the attack, or writes another so
> > the attack triggers are retained for future use.
> >
> > 7. Blog owner runs something that reverses the name changes, reminds
> > them to take a copy of the log, undoes the .htaccess ... and whatever.
> >
> > Like I said, I know nothing about coding - you should know that by now
> > :) - so please don't shoot me for this idea eh ?
> >
> > Cheers,
> >
> > P.
> >
> >------------------------------------------------------------------------
> >
> >_______________________________________________
> >hackers mailing list
> >hackers at wordpress.org
> >http://wordpress.org/mailman/listinfo/hackers_wordpress.org
> >
> >
>
> _______________________________________________
> hackers mailing list
> hackers at wordpress.org
> http://wordpress.org/mailman/listinfo/hackers_wordpress.org
>
--
--Robert Deaton
http://false-hopes.com/
A proud Linux, Firefox, and WordPress user.
Linux is not an operating system, its a way of life.
More information about the hackers
mailing list