[wp-hackers] More anti-spam ideas

inforequest ai6bois02 at sneakemail.com
Mon Sep 27 02:29:57 UTC 2004 

I'm a lurker here but for what it's worth I'll offer a suggestion about 
comment spam.

Comment spam, like guestbook spam, is usually an attempt to obtain a 
free backlink  Topical blogs or blogs that have achieved a decent 
pagerank in the Googleplex are prime targets, as they offer higher-value 
backlinks than others. That said, however, all backlinks are valuable to 
spammers seeking toimprove their own site's rankings.

The comment spam scripts I have seen are quite sophisticated form 
completion scripts. They do not need your source code to properly 
navigate a feedback/comment form - they use a combination of factors 
including form field names, field order /location, and their own 
experience spamming other sites. The latest use URLs which appear legit 
or are IP-based, so they get past manual review, and are changed later 
(after approval) to serve their spammy purpose. Some use cloaking so 
visitors to their site from that comment link on the spammed blog see a 
normal website/blog, while others and search engine spiders get the 
spammy Cialis or Viagra page (or whatever).

Since the value is in the resulting backlink, why not remove the value 
to avoid comment spam?

One way is to simply pass the link through a local redirector (you rown 
page that simply header 301 redirects to the destination). That way all 
comment links are actually not links to another website, but links to 
the redirectionpage of your own blog. That page, in turn, can redirect 
the user to the destination website. The result is a functional "link" 
as intended, but not a relevance relationship link. This is what Google 
has been doing, and Typepad, and others.

If like me you prefer to keep the web working the way it was intended 
(redirected hrefs don't pass pagerank between websites, which they 
really should do if they are genuine links), then default to a 301 
redirect and add WordPress comment moderation/approval to replace the 
redirection with a direct link. You will take care of most of today's 
fly-by comment spam, and still allow immediate comments with all their 
glory. As you "approve" comments the links revert to direct backlinks 
for the poster. You take on some risk of after-the-fact spamming, but 
that is (today anyway) minimal compared to the big comment spam problem.

The systems out there that implement redirecters don't allow for when 
you actually want the direct backlink.  From what I have seen, WordPress 
would be the first popular system to implement a wise comment spam 
limiter like this, preserving the nature of blog commenting while 
avoiding abuse, and still rewarding appropriate comment posters with a 
backlink.

-=john
-------------------------------------------------------------------------------------------------------------------
John Andrews
Discrete Web Site Optimization Services

More information about the hackers mailing list