When I, in preparation for Freya, upgraded to WordPress 1.3, I didn’t have any spammer countermeasures in place for a few days. Which was of course just plain foolish! So the other day, after having heard reports of people getting hit with large amounts of casino and poker spam, I decided to install Kitten’s Spaminator (as well as a few other minor countermeasures), and I’m here to tell you it is teh g00dn3zz, as we say.
Today it’s been stopping a minor wave of spam dead in its tracks. Now I’m not entirely sure what it’s doing, but it’s doing it well.
I can second that. I’m also using the Spaminator, and it’s already stopped 5 waves of spam on my part!
AFAIK it’s a combination of “Tarpit” and “Three strikes and you’re out”, and while I’m not quite sure what that means, it does kindly email me once in a while saying “Spammer caught!”. Fantastic.
Hmmm, might have to check that one out, after being hit by nearly 300 poker and casino spam coments.
None of them actually made it onto my blog, because “Casino” and “Poker” are in my comments moderation file. And all I had to do was to go “Mass edit mode” and with 3 clicks they were all gone.
But still, it’s three clicks ;-)
The Tarpit makes the server oddly slow to spambots, and the Three Strikes thing has a set of rules: no referrer, spam word and link maximum? Out!
Fairly smart, and Kitten’s combination is great.
I’ve been using WP Blacklist for some time now (2 – 3 months) and in that time I only saw 2 – 3 spam comments make it to my blog. So if you have a spam problem that’s another solution you may want to look into.
This plugin is great, I’ve installed it on my blog (WP 1.2 ), I’ve written a message without name, the comment is instantly stopped, and I received a mail to inform me about it. :D
after the third wave thats hit my site i’m going to try this out, blacklist was sucking up everything and since this seems to work i guess ill try it.
i also see your using the gravatar plugin. was it as simple as it seems to implement?
Yeah, it was very easy in fact.
Redemption In a Blog posted an awesome and easy spam tool and it’s stopped my blog from spam.
I’ve used a drastic measure to stop spam: in order to comment on an entry users must write my first name in a field. (you can see it here)
Its uncomfortable for them, I know, but I have few comments and until now, no spam has arrived to my mailbox!
I too have used WP Blacklist for some time with great results. “Kitten’s Spaminator” has a much kewler name though [smile]
Kitten’s Spaminator is certainly a kewler name than anything involving blacklist.
Might I make a suggestion? I don’t run this feature because I haven’t yet seen if it’s available elsewhere but it occurred to me that a simple measure (and still accessible to visually impaired) would be to force readers to “Preview” their post first before making the “Post” button available.
Wouldn’t that cut out 100% automated spam?
I’ve been using spaminator, but it seems to want to eat anything slightly spammy, forcing me to report several user comments. Try my shameless plug Spam Stopgap Extreme.
It’s a modification of Matt’s original plugin that forces the client to compute the md5 of another small time and visitor dependant md5 hash. Basically, people who want to comment automatically prove they’re not robots — without them noticing.
And, it’s hard for spammers to spoof….they’ll never be able to figure it out.
I’ll try it immediately: in the last 3/4 days I’ve received lots of spam.
A thing I did to cut out a good part of automated spam, is rename wp-comments-post.php (then you have to change the code in wp-comments.php): so far so good… :D
Paolo, it would perhaps, but I personally hate having to do it. My personal philosophy is that anything that makes it more of a hassle to post a comment is a no go.
Elliott, sorry, but huh? I don’t get it :)
I understand your point of view. I believe I’m going to try it out on my blog and I’ll take user feedback to let you know how they feel.
I think it’s worth the experiment. :)
Hmmm, how to explain. Normally, when a person writes a comment on your blog, they hit submit, and it starts processing the comment. The Stopgap plugin, however, inserts javascript that computes a magic number when you hit submit. Then the server checks that magic number — if it’s not what it needs to be, you get a retaliation of google news.
The only downside — won’t work w/o javascript. But that’s not much of a downside, I think.
I’ve used a basic version of the Stopgap glugin, using hidden fields. I now use that in conjuction with the javascript random number job.
It’s very effective thus far. The biggest downside to a “blacklist” style system, is that you end up with a huge list, with many records out of date as IP addresses and hostnames move around.
Given sufficient time, it could get to the point where harmless posts are actually nailed. Which means some form of pruning is needed.
Mind you, my site has a very very small viewer base, so it’s not going to be spammed as much as BB would be :)
The double combo of a static hidden field (catches non java enabled spammers) as well as the java fields make spam a non event for me..
I’ve been getting hit big time too, lately. It sucks big time. Also posting to see if my gravatar is working.
Also recommended: Spam Karma. It’s like Spaminator on steroids, with a conscience.
I’ve now also installed Spam Karma, which looks to be very very promising!
I also installed Spam Karma yesterday, but it declared one of the last 5 comments “evil”, so I’m not that happy. I deactivated the OSA feature which caught the comment and it will remain disabled until the first spam wave hits my site.
Talking of features, however, it seems to be one of the best anti-spam plugins around.
I am going to try this out later as well. The majority of the current spam is being blocked by Blacklist, but the more protection the better. Of course this spam converts to “moderation required” emails being sent to my box.
Not sure what spawned the recent comment spam craze, but it is getting rather annoying.
Just started receiving my own flood of casino spam this morning and remembered reading about the plugin here. It’s been running a few hours now, and so far it’s all dried up. Now I love casino spam as much as the next poster… but so far I love this kitten more.
yeah, i just started using wordpress the other day (i used http://nucleuscms.org/ before) and I got about 20 comments about casions in each of my posts. i disabled automatic update and installed a few plug ins and things seem to be working okay, but how come this didnt happened to me when i was using nucleus cms? I had the same url…
Thanks Michael for letting everyone know about this wonderful plug-in!
After reading your post, I installed it yesterday, and miraculously the spam problem is solved, now I am spam free. YEAH!
I recently moved over to <a href=“http://wordpress-hosting.com>WordPress Hosting because they offer wordpress support as part of their hosting service and they installed this spam filter for me as well as many others. Does anyone know the difference between spam karma and spaminator?
spam karma considered my own post to be evil…
so we won’t be using that.
i don’t have any idea why or how the spamminator is working, but so far, it seems to be dooing a great job.