SpamForceField is my newest anti-spam plugin for WordPress. This one does a couple of interesting things:
- All connections via pinappleproxy are denied.
- Every connection’s Referer is checked against your blacklist keys. If a match is found, the connection is denied.
- If a comment is flagged as ‘spam’ due to the normal spam checks, the client receives a 403 Forbidden HTTP status. This also occurs for connections denied in the other two checks above.
- When connections are denied, the client receives a message explaining what has occurred. It contains a link to check if their connection is through an open proxy and an obfuscated reference to the site admin’s email address (e.g., “joe (at) example (dot) com”).
I actually wonder if sending a 404 Not Found status would be more effective, as it might trick some spammers into thinking that your site was gone. However, the 403 Forbidden status is more semantically correct. Use of a 404 code for this could mess with analysis of your web logs in confusing ways.
Over about the past week, I’ve been tweaking this plugin and also analyzing sources of spam, and blocking the most abusive hosts and networks with firewall rules (ipfw on my FreeBSD server). This has virtually eliminated (so far) the appearance of referer spam in my stats. Plus it gives me a warm fuzzy to know that all those connections are being rejected.
I can suggest that you add the following strings to your Comment Blacklist (Options/Discussion):
- -poker
- poker-
- tx-holdem
- texas-holdem
- tigerspice
- -2005.com
- .wslp24.com
- conjuratia.com
- .loveseo.com
- buy-2005
- firsthorizonmtg.com
- government-grants.org
- government-grants.ws
- business-grants.org
There are plenty of others, but these account for most of the referer spam I’ve been seeing recently. Also, if anyone wants to share their moderation/blacklist keys via Mark’s XBN Plugin, please feel free to get in touch.
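The following is an added example, not SpamForceField's own code: a sketch of a Referer check against blacklist keys like the ones listed above. It assumes keys are matched as case-insensitive substrings, one key per line; the function name and the sample Referer values are constructed for illustration.

```php
<?php
// Added example, not the plugin's code. Names and sample values are
// constructed; substring matching of keys is an assumption.

/**
 * Return the first blacklist key found in the Referer, or null if none.
 * $blacklist_text holds one key per line, as typed into a blacklist box.
 */
function referer_blacklist_match($referer, $blacklist_text)
{
    $referer = strtolower(trim((string) $referer));
    if ($referer === '') {
        return null;    // no Referer header sent: nothing to match
    }
    foreach (preg_split('/\r\n|\r|\n/', $blacklist_text) as $key) {
        $key = strtolower(trim($key));
        if ($key === '') {
            continue;   // skip blank lines; on PHP 8 an empty needle matches every string
        }
        if (strpos($referer, $key) !== false) {
            return $key;
        }
    }
    return null;
}

// A few keys from the list above, with a trailing blank line on purpose.
$keys = "-poker\npoker-\ntexas-holdem\n.wslp24.com\n\n";

// Constructed Referer values.
$samples = array(
    'http://online-poker.example/',          // matches "-poker"
    'http://poker-rooms.example/play',       // matches "poker-"
    'http://blog.example/my-pokerface-post', // matches "-poker": a false positive
    'http://blog.example/pokerface',         // no match with the dashed keys
    '',                                      // direct visit, no Referer
);

foreach ($samples as $referer) {
    $hit = referer_blacklist_match($referer, $keys);
    printf("%-40s %s\n",
        $referer === '' ? '(none)' : $referer,
        $hit === null ? 'allow' : "deny with 403 (key \"$hit\")");
}
```

The third sample shows the cost of substring keys: an ordinary URL is denied because it happens to contain a key, which is why each key should be as specific as the spam it targets.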
If you’ve read this far, you’re probably wondering where to download it? How about right here: txt, phps.
Note that the file is named 000-SpamForceField.php. The reason for naming it with the three leading zeros is that WordPress loads plugins in filename sort order. We want this plugin to load as early as possible, so we force it to the beginning via the funky filename. In my case, I wanted the SpamForceField to intercept spams before BAStats had a chance to log anything.
Update: I’ve received some reports that this plugin is issuing the 403 status when comments are flagged for moderation, not just when they are flagged as ’spam’. This behavior is not correct. If anyone can help me debug this, I’d appreciate it, since I’m buried with Real World problems at the moment.
Update 2: I’ve updated the plugin to version 1.1, with a slight change which should take care of the problem of getting the Warning: Missing argument 2 for deny_spammer() message when a comment is posted.
27 Comments
I don’t know how many false positives happen, but I hate to think that I might be turning a non-spammer away from the entire page. What about disabling the comment form for suspected spammers? This way a false-positive can still read the site and if they want to get in touch they can find the contact page. Is this a good idea or am I missing something?
We’re giving this a try at washingtonnc.org – just wanted to drop a note to let you know.
I’ve written an anti refer-spam script, and to blocked connections I’ve decided to return a 404 instead of a 403. Who cares about semantics here, it’s all about hoping that spammers are checking their bot logs (they probably aren’t) and making them think the site is gone.
Dougal,
I just saw this on my dashboard, and I’ve installed it. Will be interesting to see what happens. Thanks for putting it together.
Hi
This sounds really good for me but I get the error anytime someone tries to comment.
Warning: Missing argument 2 for deny_spammer() in /home/.oedipus/binarysun/binarymoon/wp-content/plugins/000-SpamForceField.php on line 60
Andy:
Yes, false positives can occur, which is why it is important to be careful what you put in your blacklist keys. And yes, this plugin will prevent access to even read posts on your site, if the client is connecting via pinappleproxy or their referer contains a blacklisted phrase. That is by design, though. However, this is why I made the concession of providing a friendly error message explaining the situation.
Ben:
I’m not sure why you’d be getting that error, unless there was a bugfix between the WordPress 1.5 release and the current SVN code which I’m running. That error indicates a problem with the action being called from the comment_post hook. You could just try commenting out the add_action() call near the beginning of the plugin, as a temporary workaround.
Dougal, nice plug-in!
I notice that the URI for the plug-in (in the WP plug-in comments header) is incorrect, looks like you changed the post_name for the posting after you started the plug-in.
What is the point of having two p.o.k.e.r.s?
# -.p.o.k.e.r.
# p.o.k.e.r.-.
Will not just the word p.o.k.e.r. be enough?
If you are absolutely sure that there will be no legitimate comments on your site that mention poker at all, that’s fine. Most of the spammed sites with ‘poker’ in the URL have a dash before or after, though. So it’s a good way to be just a little more specific.
Dougal,
When I activate your plug in, I get this error at the top of my admin panel… I deactivate it and refresh the screen and it goes away. I just upgraded to WP 1.5.1.1 so that may have something to do with it…please advise – thank you!
Warning: Cannot modify header information – headers already sent by (output started at /home/sparka64/public_html/wordpress/wp-content/plugins/000-SpamForceField.php:1) in /home/sparka64/public_html/wordpress/wp-admin/admin.php on line 10
Warning: Cannot modify header information – headers already sent by (output started at /home/sparka64/public_html/wordpress/wp-content/plugins/000-SpamForceField.php:1) in /home/sparka64/public_html/wordpress/wp-admin/admin.php on line 11
Warning: Cannot modify header information – headers already sent by (output started at /home/sparka64/public_html/wordpress/wp-content/plugins/000-SpamForceField.php:1) in /home/sparka64/public_html/wordpress/wp-admin/admin.php on line 12
Warning: Cannot modify header information – headers already sent by (output started at /home/sparka64/public_html/wordpress/wp-content/plugins/000-SpamForceField.php:1) in /home/sparka64/public_html/wordpress/wp-admin/admin.php on line 13
Sparky: you must change in php.ini this command
—————————-
output_buffering = On
—————————-
I have a huge problem with referrer spam. Do you know if spammers check their logs to see if you clicked on the link in your stats? I wonder if that keeps them coming? Good luck.
My browser insists on downloading the plug-in as an HTML file. No matter what I do I cannot download it as a PHP or TXT file. I know it’s a small file, but could you zip it up?
I have found the app the referrer spammers use.
MagicTrafficBot.com
I’m sure that tool is just one of many that do the same thing. It’s drop-dead simple to write a tool that generates referrer spam.
Akismet works great. I am using it on my wordpress and drupal websites.
We’re giving this a try at smartlinks.us – Also I am sick and tired of spammers stealing “scraping” my anchor text with ever constant changing IPs, Help.
Dan Bradstreet
“Akismet works great. I am using it on my wordpress and drupal websites” I must agree with Mike, I also use Akismet on one of my new blogs (2.2 wordpress) and it works great, 99% of spam comments are deleted!
I have also Akismet running, but a few spam comments are coming through.
Does someone with Akismet also have SpamForceField running?
Well I will try it on my wordpress blog.
I love it! Now my blog is clean! Thank you for your work!
How does SpamForceField compare with Akismet for wordpress? I am using Akismet on my personal blogs but looking for some spam solution for commercial blogs
Thanks to this plugin my blog is spam free after activating it!
There are some good and some bad Plugins! This is a very good thing!
Especially that the Referer is checked! I Like It!
I have Akismet, Spam Karma and a special Captcha running – so now I think there is no way to come through all this!
Nice post.
Spammers are killing me. Excellent post.
Best way is to use plugins. There are plenty that prevent spamming and they work pretty well. Out of 500 spam comments, only 5 would be able to get through it. Sure, the 5 comments are annoying, but it’s still 495 less right?
http://www.buyinpoker.com
20 Trackbacks
The latest tool in the ongoing skirmish between this blog and comment and trackback spam is SpamForceField from Dougal Campbell. We shall see…
[...] also sounds interesting. I will do anything to get rid of comment spam. geek ramblings » Plugin: SpamForceField Permalink [...]
[...] 1 PocketMac® For PSP | Call Toll Free 1-866-POCK-MAC (tags: psp osx) Plugin: SpamForceField (tags: wordpress) Stopdesign | Staying organized (t [...]
[...] ess, which by default are only hidden but still reside in the database. [...]
[...] SpamForceField (http://dougal.gunters.org/blog/2005/03/29/plugin-spamforcefield) [...]
[...] Other solutions to try: Referer Karma, Referrer Bouncer, AutoBanReferer or SpamForceField [...]
[...] SpamForceField: Anti-spam plugin. Among other functions, it lets you block connections via pinappleprox and compare new comments against a blacklist, denying the connection if the result is positive. [...]
[...] radical, since this morning there was once again a huge block of spam to delete: I installed something called spamforcefield. If any of the regular commenters have problems, you know where to find me. Those who want [...]
[...] is just one of them. I think 2 of the plugins I’ve been using have worked really well so far: SpamForceField and WP SpamAssassin, plus another one which shall remain nameless…..I believe one (or more) [...]
[...] also to all the other developers of anti-spam plugins: SpamForceField Wordpress Hashcash Bad Behavior Spam Karma [...]