Tim Flight

Despite using a captcha to fight comment spam I’ve seen an increasing amount of the junk in the past few weeks. At first I thought maybe the spammers were getting past the captcha, but carefully analyzing the log files shows that isn’t what happens.

In the most recent comment spam I received the spammer simply used the following Google search:

"Leave a comment" inurl:subject

The exact phrase “Leave a comment” is commonly used in WordPress themes so the spammer is looking for WordPress blog posts where comments are allowed. Then they use the ‘inurl’ operator to return only pages where ’subject’ appears in the URL. Pretty clever.

Then they visit the site and paste in their spam. In my case they actually fill in the captcha image challenge and submit the spam. In most cases WordPress puts the comment into moderation because it includes links.

So what can be done to combat this new manual comment spam? I’ve decided to change the “Leave a comment” phrase to something else on my more popular blogs. Time will tell if this helps some of this more sophisticated comment spamming.

This entry was posted on Monday, February 27th, 2006 at 7:23 pm and is filed under Computer Technology, General, Misc. You can subscribe via RSS 2.0 feed to this post's comments. Both comments and pings are currently closed.