Dougal Campbell's geek ramblings

WordPress, web development, and world domination.

Spammer Tar Pit

My spammer came back for another visit, so I decided to have a bit of fun. Here is my second WordPress plugin: TarPit (txt, phps).

What it does

If you have any IP numbers listed in your moderation_keys setting (that’s where you put the spam words in the Comment Moderation setting under Discussion Options), this plugin will check them against the current visitor’s IP number. If it matches, the visitor will get a delay (that’s the tar pit — it slows them down), then an “Access Denied” message. You can customize the delay time and the message of course. Advanced users can also add additional IP matches manually, should they so desire. You might want to do that in order to match against an entire IP block, for instance.

If you’re looking for a more humorous spammer deterrent, try Kitten’s Comment Pay. The main difference here is that with “Comment Pay”, the spammer still gets to post a comment. With TarPit, the spammer cannot access any page controlled by WordPress. At all.

Update: I meant to mention this before, but this works great in conjunction with Kitten’s Spam Words Plugin. Anytime you “Delete comment as spam”, the offender’s IP number will automatically be added to your moderation_keys.

Update 2, Aug 27, 2004: Bumped to version 1.1 and added a check for the case where you don’t yet have any IP numbers in your list.

Update 3, Sep 9, 2004: Bumped to version 1.2. Added option to email you when the trap is triggered (enabled by default).

Update 4, Oct 26, 2004: Bumped to version 1.3. Spammers will now get an HTTP 403 “Forbidden” status code, and the output is set to “text/plain”.
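The check described above, written out as an added example (this is not the TarPit plugin's own code): it pulls whole IPv4 entries out of a moderation_keys value, matches the visitor by exact address or by block, and refuses with a delay, a 403 status and a text/plain body. The `tarpit_*` function names, the CIDR notation for manually added blocks and the sample addresses are assumptions made for the illustration.

```php
<?php
// Added example, not the TarPit source. All tarpit_* names are hypothetical.
// Keep only the lines of a moderation_keys value that are whole IPv4
// addresses; spam words and partial entries are skipped.
function tarpit_ips_from_keys(string $keys): array {
    $lines = array_map('trim', preg_split('/\R/', $keys));
    return array_values(array_filter($lines, function ($l) {
        return filter_var($l, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4) !== false;
    })); // empty array when no IP numbers are listed yet
}

// True when $ip lies inside an IPv4 CIDR block such as "192.0.2.0/24".
function tarpit_in_block(string $ip, string $cidr): bool {
    $parts = explode('/', $cidr);
    $ip_n  = ip2long($ip);
    $net_n = ip2long($parts[0]);
    if (count($parts) !== 2 || !ctype_digit($parts[1]) || (int) $parts[1] > 32
        || $ip_n === false || $net_n === false) {
        return false; // malformed block or address: never match by accident
    }
    $mask = (~0 << (32 - (int) $parts[1])) & 0xFFFFFFFF; // assumes 64-bit PHP
    return ($ip_n & $mask) === ($net_n & $mask);
}

function tarpit_is_listed(string $ip, array $ips, array $blocks): bool {
    foreach ($blocks as $cidr) {
        if (tarpit_in_block($ip, $cidr)) {
            return true;
        }
    }
    return in_array($ip, $ips, true); // whole-string comparison, not a regex
}

// Delay, then refuse with 403 and a plain-text body.
function tarpit_respond(int $delay, string $message): void {
    sleep($delay);
    http_response_code(403);
    header('Content-Type: text/plain');
    echo $message;
    exit;
}

// In a plugin the inputs would be $_SERVER['REMOTE_ADDR'] and
// get_option('moderation_keys'), with tarpit_respond() called on a match.
// Constructed sample data (documentation address ranges):
$ips    = tarpit_ips_from_keys("cheap-pills\n203.0.113.7\npoker\n198.51.100.23\n");
$blocks = ['192.0.2.0/24'];
foreach (['203.0.113.7', '203.0.113.70', '192.0.2.200', '198.51.100.24'] as $visitor) {
    echo $visitor, ' => ', tarpit_is_listed($visitor, $ips, $blocks) ? 'tar pit' : 'allow', "\n";
}
```

Comparing whole addresses keeps a listed `203.0.113.7` from also catching `203.0.113.70`, which a substring or unanchored pattern match would do. Each delayed request holds a PHP worker for the length of the sleep, so the delay costs the server as well as the visitor.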

About Dougal Campbell

Dougal is a web developer, and a "Developer Emeritus" for the WordPress platform. When he's not coding PHP, Perl, CSS, JavaScript, or whatnot, he spends time with his wife, three children, a dog, and a cat in their Atlanta area home.

92 Responses to Spammer Tar Pit

  1. Pingback: » Slow Down Spammer Boy!

  2. Pingback: Photo Matt » The Trouble With WordPress

  3. Pingback: snapping links » managing spam floods in WP

  4. Pingback: CMS Blog Community

  5. Pingback: Canned !! -- my Atropine » 2004 » September » 13

  6. Pingback: Charles on... anything that comes along » The war on blog spam: going about as well as the one on terrorism

  7. Pingback: Rage on Omnipotent » WP anti-spam

  8. Pingback: geek ramblings » Spammers are stupid

  9. Pingback: WISWYG in Vancouver » Spam Comment

  10. Pingback: Blogs Of The Day » popular articles on WordPress blogs

  11. Pingback: Starlit Dreams

  12. wantmoore says:

    Fantastic. I’m blogging about the plugin first and then going to configure and install it. So much more fun than restricting access with .htaccess!

  13. Pingback: the life of justin

  14. Pingback: Weblog Tools Collection

  15. Frank says:

    While this will surely help for a little while, you should (and probably already do) realize that IP numbers are easily spoofed and blocking whole IP number ranges is almost always disadvantageous. As Jay Allen, author of MT-Blacklist, has noted several times, attacking the _method_ of the spammer doesn’t work in the long run, because methods can easily be changed. The tar-pitting is a nice idea, but ideally it should be triggered by a MT-Blacklist type of pattern matching against the author, e-mail, url, body fields of the comment.

  16. Yes, I understand well the pitfalls of blocking by IP number. But since I was experiencing an ongoing attack, it was a valid short-term solution. I plan to reap the IP numbers out of my moderation_keys setting from time to time.

    I’m also looking into the possibility of a WP plugin which can utilize the MT Blacklist regex file in real-time (well, with some caching).

  17. fwolf says:

    Another idea would be to grab the important parts of the source code of SpamAssassin and build a plugin based on them. For comparison: I get about 0.5 spam mails per month – before that: about 20 per DAY! – so SpamAssassin’s spam detection engine should be very reliable regarding this topic.

    cu, w0lf.

  18. marlyse says:

    your other plugin ‘pisoff’ works (I think) but when I install this one, my site goes white. I checked white space and there is none before/after the php tag. my index page is not in the wp folder, could this cause the problem?

  19. Charles says:

    Hmm – I’m trying to deny an entire list of IP addresses from a particularly annoying spammer that seems to be using compromised machines from one provider. Basically, I want to block – (So just 212.235.32. – 212.235.95.)

    So I’m looking at the $spammer_ips array, but can’t see what the regex should be for that list. Being lazy… um, programmer-style, I’m really not planning to write in the whole list going up by one IP each time (212.235.33, 212.235.34..). Hints appreciated..

  20. Charles, try this regexp:


    That should match only the range you mentioned.

  21. marlyse says:

    installed the 1.2 version, same problem, when I activate the plugin, complete site goes white. tried it with commenting out sections, to see which section gives me the problems, site goes already white if I only have the first section (line 43 – 56) active. and I don’t see any errors there. any ideas what could cause the site to go white? (there is no space before or after the original tag, if I comment out the complete code and leave just the main tags, site is okay).

  22. John Gray says:

    Having the same problem as marlyse… when I activate the plugin, I don’t get any HTML output. My host has error reporting almost completely disabled so I’m still looking into this.

  23. I’ve already exchanged emails with Marlyse, and she has this problem with some other plugins, as well. So I think it may be something specific to certain server setups, and not necessarily something in my code. Of course, if someone spots something that indicates otherwise, please let me know!

  24. Chris Weiss says:

    I’ll second the interest in seeing a text matching version. I’ve spent the last 48 hours purging spam from someone who’s spoofing a variety of IPs but plugging the same list of sites in the comments.

  26. Wanted to let you know that I’ve finally found out what created the problem: it seems that sometimes when downloading a php file or somehow obtaining code from somebody else, invisible characters sometimes translate not php friendly. Barely visible is the worst, the usually displayed as a dot ‘empty space’. Only when viewed as phps file, I saw that it would encode these spaces. Looking at it more closely, I found that even though these invisible chars were represented as dots, the dots were ‘fatter’ than the ‘normal’ dots. Once I cleaned that up, I also found that sometimes single quotes would transfer as ‘curly’ single quotes which also again gave problems. Replacing them all with ‘straight’ single quotes handled that. At this point I don’t remember which of the above problems I found with your file (as mentioned before, I had these ‘white site’ problems with various – but not all – plugins). Hope this makes sense and if somebody else encounters the same problem a place to look at.

  27. Pingback: geek ramblings » Spammers are still stupid

  28. Pingback: cliffrowley :: blog

  29. Jonathan says:

    Um, isn’t this a little lame though (not in terms of the awesome work you’re doing, but just in terms of how it works)? I mean, you have to blacklist the individual ip by hand. I could do that in a darn .htaccess file and be done with it. But any spammer worth their salt is just going to post from another ip. Is there no way to automate this in the interface?

  30. Pingback: Spam, spam, spam, merveilleux spam… (Almaren)

  32. Pingback: WOIFM

  33. Pingback: Wikilab » Comment spam

  34. Pingback: Kick & Scream

  35. Pingback: the life of justin » must kill spam

  36. Pingback: []: About

  37. Pingback: Kitten's Project Blog » Comment Spam Thoughts

  38. Pingback: Woordenaar | over leven » Commentspam deel zoveel +1

  39. Pingback: Canned !! -- my Atropine

  40. Pingback: projektguerilla » Blog Archive » Fight Spam

  41. Pingback: Blog - Journal Thoughts » WordPress Blog: Fighting Spammers

  42. Pingback: - blog » Blog Archive » Spam Stopgap och Kitten’s Spaminator

  43. dkaye says:

    well, i’m gonna give it a whirl – and use it in conjunction with kitten’s spamilator, and spam words. maybe someday we’ll outbeat the spammers at their own game. here’s to hoping! oh, for my own amusement, i modified the message the spammer will receive to read:

    thanks much for the hard work!

  44. Pingback: :: My Virtual Pensieve :: » Blog Archive » Oh I hate Spam….

  45. Pingback: My true site

  46. Pingback: Webbie's Webblog » Webblog Spammers

  47. Pingback: » Post-Thanksgiving ramblings

  48. Pingback: Origamifried Chicken » Stupid spammers

  49. Pingback: The Blog That Goes Ping » That’ll Teach Me To Sneer
