In an effort to curb comment spam (comments left at my website by automated spam programs in an effort to get links to their sites), I have implemented further antispam measures.
- Set maximum number of similar comments or comments from a similar user in 24 hour period (antiflood)
- Check IP of commenter against open relay blacklists
- Check domains of links in comment against spam domain blacklists
- Look for empty referrer (will not result in a block, by itself)
- Check all fields against massive local blacklist (results in moderation if only a few hits, denial if more)
- Look for weird stuff like too much character encoding
- Count the number of links in the comment (too many will result in moderation, and count as a strike towards a complete block)
When you submit a comment, one of 3 things will happen: success, moderation, or blocking.
If your comment is successful, the page will refresh and you will see your comment. If your comment is moderated, you will
receive a pop-up notification, and be given a chance to prove you are human by passing a CAPTCHA, or your comment will appear once I have approved it. If your comment is blocked completely, you will receive an error message that lets you know why it was blocked. If this happens, you can click “Back,” change the offending bit, and resubmit.
Remember that if your comment goes into moderation, you do not have to submit it again. I will approve it as soon as I get notification of it. If you have any questions about how the code works or feel that your comment is being blocked without good reason, please contact me.
[…] Mark Jaquith, for some code and ideas from his Snowball Effect and Captcha plugin. […]