{"id":11966,"date":"2007-12-20T10:20:28","date_gmt":"2007-12-20T17:20:28","guid":{"rendered":"http:\/\/hill-kleerup.org\/blog\/wp\/2007\/12\/20\/spamero-delenda-est.html"},"modified":"2007-12-20T10:20:28","modified_gmt":"2007-12-20T17:20:28","slug":"spamero_delenda_est","status":"publish","type":"post","link":"https:\/\/hill-kleerup.org\/blog\/2007\/12\/20\/spamero_delenda_est.html","title":{"rendered":"<i>Spamero delenda est!<\/i>"},"content":{"rendered":"<div class=\"img-shadow-right\"><img loading=\"lazy\" decoding=\"async\" title=\"Nuke 'em till they glow\" height=\"225\" src=\"https:\/\/www.hill-kleerup.org\/blog\/images\/nuke.jpg\" width=\"300\" \/><\/div>\n<p>So more spammy badness this morning.&nbsp; Nothing got through to the page &#8212; the application layer held up &#8212; but the attacks caused serious site problems as the applications spun into high gear to keep the Visigoths at bay.&nbsp; And, in this case, it was a comment script attack, rather than the more common (these days) trackback script.<\/p>\n<p>I&#8217;m just damned sick of it.&nbsp; I renamed both scripts (twice), but it had a heavy enough impact that the kind folks at Hosting Matters sent me a note about it and took some interventions themselves.<\/p>\n<p>Rrg.<\/p>\n<p>I&#8217;ve pondered shutting down the trackback bits, even though I make a lot of use of them myself within the application (as an internal cross-reference).&nbsp; But as today&#8217;s attack showed, it&#8217;s still a problem on the comment side.&nbsp; Indeed, one of the key protections I have &#8212; TinyTuring, which has kept every single casual bot comment spam since August <em>2006<\/em> &#8212; probably made things <em>worse<\/em> in this case, as it meant that every faux comment attempt fired off the comment script before being blocked (and if it had hit the junk filters and been blocked, AutoBan would have pushed the IP address into htaccess and blocked further attacks from that source).<\/p>\n<p>As it stands, I have a number of IP ranges generically blocked (sorry, all my potential readers in Russia and China); that doesn&#8217;t prevent IP spoofing, I suppose, but at the moment it&#8217;s the best I can do, on top of the other tools.<\/p>\n<p>(Ironically, most people gripe about e-mail spam; I&#8217;ve gotten to the point where the majority gets filtered and the rest I can toss with as much ease as junk mail at home.&nbsp; It&#8217;s the blog spam that&#8217;s taking up too much of my time.)<\/p>\n<p>A suggestion has been received that I bail on Movable Type&nbsp;and move over to WordPress or some other blogging tool (not that they&#8217;re immune to spam attacks, but the type of scripting that MT has means a lot more system resources are chewed up in defending against it).&nbsp; I can&#8217;t tell you how much I <em>don&#8217;t<\/em> want to do that for a variety of reasons (the vagaries of migration, learning&nbsp;a new platform, etc.).&nbsp; I&#8217;ve had a vague hope that MT4 will be a bit more robust in this, but I don&#8217;t recall reading anything about that one way or the other.<\/p>\n<p>So time to crack the books again on MT and anti-spam.&nbsp; Just what I want to do on my Winter Vacation.<\/p>\n<p>Any other thoughts out there?&nbsp;<\/p>\n","protected":false},"excerpt":{"rendered":"<p>So more spammy badness this morning.&nbsp; Nothing got through to the page &#8212; the application layer held up &#8212; but the attacks caused serious site problems as the applications&#8230;<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_seopress_robots_primary_cat":"","_seopress_titles_title":"","_seopress_titles_desc":"","_seopress_robots_index":"","_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_publicize_message":"","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":false,"jetpack_social_options":{"image_generator_settings":{"template":"highway","default_image_id":0,"font":"","enabled":false},"version":2}},"categories":[3,39],"tags":[],"class_list":["post-11966","post","type-post","status-publish","format-standard","hentry","category-blogging","category-spam"],"jetpack_publicize_connections":[],"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"jetpack-related-posts":[{"id":12520,"url":"https:\/\/hill-kleerup.org\/blog\/2008\/04\/03\/movable_type_static_publi.html","url_meta":{"origin":11966,"position":0},"title":"Movable Type: static publishing with dynamic CGI script names","author":"***Dave","date":"Thu 3-Apr-08 3:20pm","format":false,"excerpt":"Well, that little digression turned into a big time sink. A few weeks back I converted my WIST quotations site into a static published site, rather than dynamic. That took...","rel":"","context":"In &quot;Blogging - Technical&quot;","block_context":{"text":"Blogging - Technical","link":"https:\/\/hill-kleerup.org\/blog\/category\/blogging\/blogging-technical"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":10375,"url":"https:\/\/hill-kleerup.org\/blog\/2007\/02\/01\/lack_of_commentary.html","url_meta":{"origin":11966,"position":1},"title":"Lack of Commentary","author":"***Dave","date":"Thu 1-Feb-07 11:12am","format":false,"excerpt":"Yes, the comment script was not working this morning. No, it was not due to spammers (directly) or FastCGI or MT or even a grue. I noticed a number of...","rel":"","context":"In &quot;Blogging &amp; Internet&quot;","block_context":{"text":"Blogging &amp; Internet","link":"https:\/\/hill-kleerup.org\/blog\/category\/blogging"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":11939,"url":"https:\/\/hill-kleerup.org\/blog\/2007\/12\/27\/back_on_the_spam_front.html","url_meta":{"origin":11966,"position":2},"title":"Back on the Spam front &#8230;","author":"***Dave","date":"Thu 27-Dec-07 10:57am","format":false,"excerpt":"I've been working with the Hosting Matters folks to get FastCGI up and running on the server I'm on.\u00a0 The biggest problem (from a spam perspective) that Movable Type...","rel":"","context":"In &quot;Blogging &amp; Internet&quot;","block_context":{"text":"Blogging &amp; Internet","link":"https:\/\/hill-kleerup.org\/blog\/category\/blogging"},"img":{"alt_text":"spam","src":"https:\/\/i0.wp.com\/www.hill-kleerup.org\/blog\/images\/spam.jpg?resize=350%2C200&ssl=1","width":350,"height":200},"classes":[]},{"id":6973,"url":"https:\/\/hill-kleerup.org\/blog\/2004\/11\/21\/spam_spam_spam.html","url_meta":{"origin":11966,"position":3},"title":"Spam, spam, spam, spam &#8230;","author":"***Dave","date":"Sun 21-Nov-04 9:51pm","format":false,"excerpt":"MT-Blacklist still blocks a heck of a lot, but seems vulnerable to Trackback spam (vs Comment spam), largely because the \"old post\" forced moderation feature against Comment spam doesn't apply...","rel":"","context":"In &quot;Blogging &amp; Internet&quot;","block_context":{"text":"Blogging &amp; Internet","link":"https:\/\/hill-kleerup.org\/blog\/category\/blogging"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":11942,"url":"https:\/\/hill-kleerup.org\/blog\/2007\/12\/27\/back_on_the_spam_front_2.html","url_meta":{"origin":11966,"position":4},"title":"Back on the Spam front &#8230;","author":"***Dave","date":"Thu 27-Dec-07 8:07am","format":false,"excerpt":"I've been working with the Hosting Matters folks to get FastCGI up and running on the server I'm on.\u00a0 The biggest problem (from a spam perspective) that Movable Type...","rel":"","context":"In &quot;Blogging &amp; Internet&quot;","block_context":{"text":"Blogging &amp; Internet","link":"https:\/\/hill-kleerup.org\/blog\/category\/blogging"},"img":{"alt_text":"spam","src":"https:\/\/i0.wp.com\/www.hill-kleerup.org\/blog\/images\/spam.jpg?resize=350%2C200&ssl=1","width":350,"height":200},"classes":[]},{"id":8003,"url":"https:\/\/hill-kleerup.org\/blog\/2005\/07\/05\/comment_spam_up.html","url_meta":{"origin":11966,"position":5},"title":"Comment spam update","author":"***Dave","date":"Tue 5-Jul-05 9:27am","format":false,"excerpt":"And since we're talking about freedom of expression, let's chat about spam. Actually, comment\/trackback spam has been nearly flat on this site since I implemented Typekey as well as MT-Blacklist....","rel":"","context":"In &quot;Blogging &amp; Internet&quot;","block_context":{"text":"Blogging &amp; Internet","link":"https:\/\/hill-kleerup.org\/blog\/category\/blogging"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]}],"_links":{"self":[{"href":"https:\/\/hill-kleerup.org\/blog\/wp-json\/wp\/v2\/posts\/11966","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/hill-kleerup.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/hill-kleerup.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/hill-kleerup.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/hill-kleerup.org\/blog\/wp-json\/wp\/v2\/comments?post=11966"}],"version-history":[{"count":0,"href":"https:\/\/hill-kleerup.org\/blog\/wp-json\/wp\/v2\/posts\/11966\/revisions"}],"wp:attachment":[{"href":"https:\/\/hill-kleerup.org\/blog\/wp-json\/wp\/v2\/media?parent=11966"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/hill-kleerup.org\/blog\/wp-json\/wp\/v2\/categories?post=11966"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/hill-kleerup.org\/blog\/wp-json\/wp\/v2\/tags?post=11966"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}