Saturday, 17 September 2005, 17:41:17 EDT

Comment spam is a problem common to web sites that allow anonymous people to post comments. Until recently, I have never had a problem with comment spam. I believe the reason I never had any such spam is because I used to let search engines index the main page of this site, the one you are reading. This meant that only the articles that were showing on the front page at the time any search engine indexed my site would be the only, or at least the most prominent, results for this site returned by the search engines. When I moved to this host I decided to manage my bandwidth and search engine indexing a bit better. I set the index page to tell the search engines not to index the main page, only pages linked from the main page. So, individual posts now get prominent returns in search engine results thus making it easier to find the comment form which uses some standard comment form variables. One of the tricks that comment spammers use is to look for sites that allow anonymous posts by executing searches, with popular search engines, and look for sites with forms that are common for sites such as this one. All of this is, usually, done automatically for the spammers by software written specifically for their purpose. There are some low life scum that manually do the searching and spamming; there isn't any way to stop them short of disabling the comment feature all together.

Why am I telling you about all of this? As I said, I have been getting comment spam recently. It started around the first of this month and has slowly been increasing. After receiving a new bit of spam this afternoon, I decided to take some time out of preparing for my first Calculus III test to implement something that I hope will deter future spam on this site. I implemented what is known as a captcha on the comment form. Now, when you go to post a comment to one of my posts you must enter a six digit number which is provided as an image. I wanted to make this as unobtrusive as possible so I did it a little differently than is typical. The number generated for you "sticks" for thirty days. You still have to manually enter it every time you post a comment, but you won't have to input a different one every time. If you forget to enter the number, or enter it incorrectly, you will get a javascript error and sent back to the post's comments. The comment you had composed will not be lost; your comment will be waiting for you in the comment field.

While implementing this, I found the problem that was causing the "save information" checkbox to not work. So, you shouldn't have to re-enter all of your personal information every time you want to add a comment now. Hopefully, all of this makes a difference.


I have yet to have any comment spam. I guess I am just lucky.

Posted by Mr Frosti on Tuesday, 20 September 2005, 8:49:51 EDT.

How high do your posts rank in Google? Does Google archive your individual posts or does it mostly get the "current" index? If you don't use an update service, as I mentioned on Jonathan's site, then these are the biggest causes of comment spam. I get some high ranks in Google; mostly from four different search phrases. I get number eleven on Google for the phrase "roomfullofmirrors mp3".

Posted by James Sumners on Tuesday, 20 September 2005, 10:46:37 EDT.

My page rankings on Google are non-existant. Google should be able to view my archives for weekly postings however it doesn't seem to be the case.

Posted by Mr Frosti on Saturday, 24 September 2005, 23:44:41 EDT.

I believe that is why you have not had this problem yet. Since I implemented the captcha, I have not had a single instance of new spam. This confirms that I was getting the spam from bots trawling Google.

Posted by James Sumners on Sunday, 25 September 2005, 17:58:35 EDT.