I forgot to say that by doing so, I am not annoying
users at all. They can post comment anytime they want,
and don't have to go through deciphering the ridiculous
word-skewing that is indeed very painful.
Are you sure that's a "u" and not a
"v"?
Even so, this isn't really an exam :-)
It's enough that one person desn't get it, or a person
who needs glasses can't really decipher it to know it's
not good enough..
"I have solved comment spam in my blog by
preparing a special URL when the user clicks post. This
URL has one or more parameters whose values are checked
on the server-side, and are used to block any automated
comment being made. "
I must be missing something, I just don't see how that
would prevent bots
"I must be missing something, I just don't see
how that would prevent bots"
Let's take an example. When the bot arrives and grabs my
comment page, they get the html of the whole comment
area block with an url of the form
http://.../?timestamp=12.
By the time the bot automates clicks, it usually takes
days often weeks, the server-side expects a different
timestamp. Thus any attempt to add a comment with
timestamp=12 is stopped at the door.
For the spammers to work around this, they need to
rewrite urls in such a way they know it advance what the
server-side expects.
That's why it works. It blocks all comment spam.
To be accurate, if your timestamp is say the
"day of the year" then it won't stop
all the comment spam you could get the same day you are
posting an article. While even that is solvable, I don't
see it a problem in practice. I have figured out that
most of the comment spam that was being automated on my
site was the result of pages being crawled days later
(often pages grabbed from aggregators like technorati,
or simply search engine results).
It does not work for trackback spam, but I am working on
that too. If you have any idea, let me know.
For Stephanie Rodriguez (and others with the technical
knowledge),
I run a website for a barbershop quartet who's just
recently managed to receive some ire from the spammers
that be. I wish no ill will towards them, but I just
recently stopped a guestbook hack that had all but
paralyzed it. Now the spams left by 'comments' or
e-mails haev gone from MAYBE 1 a month to over 50 a day.
I'm at a loss of what to do, and your timestamp idea
sounds ingenious :) Any ideas? If you're interested in
seeing the guestbook or what I'm working with, feel free
to check out the website above (equitybarbershop DOT
net). Thanka and take care! Chris
I'm with you. I don't understand why it helps to make
the script in a word verification puzzle sometimes
nearly illegible. Why can't they just use a standard
script each time?
Not "puzzle": picture, of course.
Freudian slip?
Some sites use verification in which several letters and
numbers get very confusing - like "i"
"l" and "1"
Completely annoying
Can you give a solid example of your time stamp solution
to comment spam? Like to which blog were you doing this
with ? (word press) It does appear a very simple
solution! Infact it appears to simple and too perfect. I
didn't think spam bots posted on comments days after, I
thought they posted as they crawled them. If this
timestamp works - why hasn't anyone else seen this? It
seems a perfect solution for comment spam, if the post
timestamp is say more than a hour out, ignore it. Could
it really be that simple?
Has anyone seen the word verifications at hotmail? lol.
Those things cannot be read, and when I listened to it.
I have to listen over and over to hear what the kid is
saying, Then over and over again because it is so fast
lol. Then if I made a mistake I have to try
again....very annoying.
We are thinking of adding a feature like this to our web
site, but does it have to be that hard to read?
The word verifications are hard to read so that OCR
software cannot read the image & translate it into
letters.