Please allow me to go off topic for a moment.
Twelve Mile Circle was having quite a spam problem until yesterday. You, the readers, avoided this awful torment because I moderate comment on this blog. They do not become visible on the site until I review and approve each of them individually.
When I first started this site I got perhaps one or two spammy comments a day. That was mildly annoying although they were easy enough to delete them from the moderation queue. Then I could go on my way. When it rose to 40 messages a day and climbing, it grew beyond annoying. That’s when I knew I needed to find some other way to deal with it.
Challenge-Response
I looked into several solutions but they all seemed unattractive. They involved extra hurdles for legitimate readers or coding changes that outstripped my limited technical abilities. Challenge-response is one common method for dealing with non-legitimate users. Essentially, this solution asks the reader a question that only a human can easily answer. If successful, they may then proceed to the site.
CAPTCHA is an example. However I have a problem with it because I can’t figure out those weird, warped letters. This is only going to get more difficult as spammers develop more sophisticated tools to decipher them.
Theoretically I could also code a homegrown challenge-response systems directly into my files. These would ask questions like, “How far across is a 12 mile circle?” You can answer that quite easily, but of course a bot cannot. That’s a pretty good solution. But the reader now has an extra step. Moreover, I don’t really have the skill to make the necessary coding changes. There were other solutions that involved hiding or renaming certain files that were also somewhat beyond my abilities.
Time Stamps
Then I came across a very elegant and simple solution that focused on time stamps. It works on the basic principal that bots want to stuff as many comments into as many places as they can in the shortest amount of time. They will enter anything into the comment box and hit submit. Or they may skip that step entirely and go straight to the comment posting file.
Humans — at least those interested in reading a blog — will (hopefully) consider the content of a given entry. Then they will carefully construct a comment with lots of thought-provoking commentary. Generally a human comment will take at least a minute to compose, and probably several more. In theory, by requiring the comment page to be opened for at least sixty seconds before allowing it to post to the moderation queue, a human will do just fine but bots should be blown out of the water.
I decided to try this solution. It involved the addition of just a couple of very small and simple code snippets, so easy to add that even I couldn’t mess it up. Within ten minutes I’d applied the changes. I did some basic testing and it seemed to work.
So with fingers crossed I opened the moderation queue this morning. I knew that spammers had been banging on the door all night long because I saw the files pinged in the access logs when I reviewed them this morning. However, NONE of them, ZERO, made it through to the queue. I’m sure someday they’ll figure it out but for now I’m blessedly spam free.
Now back to Geography…
Leave a Reply