Dougal Campbell's geek ramblings

WordPress, web development, and world domination.

Plugin: SpamForceField

SpamForceField is my newest anti-spam plugin for WordPress. This one does a couple of interesting things:

  • All connections via pinappleproxy are denied.
  • Every connection’s Referer is checked against your blacklist keys. If a match is found, the connection is denied.
  • If a comment is flagged as ‘spam’ due to the normal spam checks, the client receives a 403 Forbidden HTTP status. This also occurs for connections denied in the other two checks above.
  • When connections are denied, the client receives a message explaining what has occurred. It contains a link to check if their connection is through an open proxy and an obfuscated reference to the site admin’s email address (e.g., “joe (at) example (dot) com”).

I actually wonder if sending a 404 Not Found status would be more effective, as it might trick some spammers into thinking that your site was gone. However, the 403 Forbidden status is more semantically correct. Use of a 404 code for this could mess with analysis of your web logs in confusing ways.

Over about the past week, I’ve been tweaking this plugin and also analyzing sources of spam, and blocking the most abusive hosts and networks with firewall rules (ipfw on my FreeBSD server). This has virtually eliminated (so far) the appearance of referer spam in my stats. Plus it gives me a warm fuzzy to know that all those connections are being rejected.

I can suggest that you add the following strings to your Comment Blacklist (Options/Discussion):

  • -poker
  • poker-
  • tx-holdem
  • texas-holdem
  • tigerspice
  • -2005.com
  • .wslp24.com
  • conjuratia.com
  • .loveseo.com
  • buy-2005
  • firsthorizonmtg.com
  • government-grants.org
  • government-grants.ws
  • business-grants.org

There are plenty of others, but these account for most of the referer spam I’ve been seeing recently. Also, if anyone wants to share their moderation/blacklist keys via Mark’s XBN Plugin, please feel free to get in touch.
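A sketch of the Referer check and 403 response described above, added here as an illustration; it is not the SpamForceField source. The `sff_example_*` function names and the sample URLs are assumptions, and the keys are passed in as an array rather than read from WordPress.

```php
<?php
// Added example, not the plugin's code. All function names are hypothetical.

// Return the first blacklist key found in the Referer (case-insensitive
// substring match), or null when nothing matches.
function sff_example_match_referer(?string $referer, array $keys): ?string {
    if ($referer === null || $referer === '') {
        return null;                      // no Referer header: nothing to check
    }
    foreach ($keys as $key) {
        $key = trim($key);
        if ($key === '') {
            continue;                     // an empty key would match every request
        }
        if (stripos($referer, $key) !== false) {
            return $key;
        }
    }
    return null;
}

// "joe@example.com" -> "joe (at) example (dot) com"
function sff_example_obfuscate_email(string $email): string {
    return str_replace(['@', '.'], [' (at) ', ' (dot) '], $email);
}

// Send the 403 plus an explanation. Only the matched key is shown, escaped;
// the client-supplied Referer is never echoed back.
function sff_example_deny(string $matched, string $admin_email): void {
    if (!headers_sent()) {                // header() fails once output has started
        header('HTTP/1.1 403 Forbidden');
    }
    echo '<p>Access denied: your referrer matched the blacklist entry "'
        . htmlspecialchars($matched, ENT_QUOTES, 'UTF-8') . '". Contact: '
        . htmlspecialchars(sff_example_obfuscate_email($admin_email)) . '</p>';
}

// Constructed sample data: three keys from the list above, three made-up Referers.
$keys = ['-poker', 'poker-', '.loveseo.com'];
$samples = [
    'http://texas-poker-rooms.example/',     // contains "-poker"
    'http://pokerface-fans.example/lyrics',  // "poker" without a dash: allowed
    'http://blog.example/2005/03/',          // clean
];
foreach ($samples as $ref) {
    $hit = sff_example_match_referer($ref, $keys);
    // In a web request: if ($hit !== null) { sff_example_deny($hit, $admin); exit; }
    printf("%-40s %s\n", $ref, $hit === null ? 'allow' : "deny ($hit)");
}
```

The second sample shows why the dashed keys are narrower than a bare `poker` key: a legitimate referrer that merely contains the word is not blocked.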

If you’ve read this far, you’re probably wondering where to download it? How about right here: txt, phps.

Note that the file is named 000-SpamForceField.php. The reason for naming it with the three leading zeros is that WordPress loads plugins in filename sort order. We want this plugin to load as early as possible, so we force it to the beginning via the funky filename. In my case, I wanted the SpamForceField to intercept spams before BAStats had a chance to log anything.


Update: I’ve received some reports that this plugin is issuing the 403 status when comments are flagged for moderation, not just when they are flagged as ‘spam’. This behavior is not correct. If anyone can help me debug this, I’d appreciate it, since I’m buried with Real World problems at the moment.

Update 2: I’ve updated the plugin to version 1.1, with a slight change which should take care of the problem of getting the Warning: Missing argument 2 for deny_spammer() message when a comment is posted.

About Dougal Campbell

Dougal is a web developer, and a "Developer Emeritus" for the WordPress platform. When he's not coding PHP, Perl, CSS, JavaScript, or whatnot, he spends time with his wife, three children, a dog, and a cat in their Atlanta area home.
This entry was posted in Blogs, Plugins, Security, Servers, Software, Spam, Tech, WordPress.

50 Responses to Plugin: SpamForceField

  1. Pingback: blivet 2.0

  2. Pingback: The War on Spam

  3. Andy Skelton says:

    I don’t know how many false positives happen, but I hate to think that I might be turning a non-spammer away from the entire page. What about disabling the comment form for suspected spammers? This way a false-positive can still read the site and if they want to get in touch they can find the contact page. Is this a good idea or am I missing something?

  4. macewan says:

    We’re giving this a try at washingtonnc.org – just wanted to drop a note to let you know.

  5. Ozh says:

    I’ve written an anti refer-spam script, and to blocked connections I’ve decided to return a 404 instead of a 403. Who cares about semantics here, it’s all about hoping that spammers are checking their bot logs (they probably aren’t) and making them think the site is gone.

  6. craig says:

    Dougal,
    I just saw this on my dashboard, and I’ve installed it. Will be interesting to see what happens. Thanks for putting it together.

  7. ben says:

    Hi

    This sounds really good for me but I get the error anytime someone tries to comment.

    Warning: Missing argument 2 for deny_spammer() in /home/.oedipus/binarysun/binarymoon/wp-content/plugins/000-SpamForceField.php on line 60

  8. Dougal says:

    Andy:

    Yes, false positives can occur, which is why it is important to be careful what you put in your blacklist keys. And yes, this plugin will prevent access to even read posts on your site, if the client is connecting via pinappleproxy or their referer contains a blacklisted phrase. That is by design, though. However, this is why I made the concession of providing a friendly error message explaining the situation.

    Ben:

    I’m not sure why you’d be getting that error, unless there was a bugfix between the WordPress 1.5 release and the current SVN code which I’m running. That error indicates a problem with the action being called from the comment_post hook. You could just try commenting out the add_action() call near the beginning of the plugin, as a temporary workaround.

  9. Alderete says:

    Dougal, nice plug-in!

    I notice that the URI for the plug-in (in the WP plug-in comments header) is incorrect, looks like you changed the post_name for the posting after you started the plug-in.

  10. Jon says:

    What is the point of having two p.o.k.e.r.s?
    # -.p.o.k.e.r.
    # p.o.k.e.r.-.
    Will not just the word p.o.k.e.r. be enough?

  11. Dougal says:

    If you are absolutely sure that there will be no legitimate comments on your site that mention poker at all, that’s fine. Most of the spammed sites with ‘poker’ in the URL have a dash before or after, though. So it’s a good way to be just a little more specific.

  12. Pingback: GatorLog: A Blogger’s Monologue » geek ramblings » Plugin: SpamForceField

  13. Pingback: nf0’s Life » Blog Archive » links for 2005-03-31

  14. Pingback: empdesign » Blog Archive » Plugins Wp

  15. Sparky says:

    Dougal,

    When I activate your plug in, I get this error at the top of my admin panel… I deactivate it and refresh the screen and it goes away. I just upgraded to WP 1.5.1.1 so that may have something to do with it…please advise – thank you!

    Warning: Cannot modify header information – headers already sent by (output started at /home/sparka64/public_html/wordpress/wp-content/plugins/000-SpamForceField.php:1) in /home/sparka64/public_html/wordpress/wp-admin/admin.php on line 10

    Warning: Cannot modify header information – headers already sent by (output started at /home/sparka64/public_html/wordpress/wp-content/plugins/000-SpamForceField.php:1) in /home/sparka64/public_html/wordpress/wp-admin/admin.php on line 11

    Warning: Cannot modify header information – headers already sent by (output started at /home/sparka64/public_html/wordpress/wp-content/plugins/000-SpamForceField.php:1) in /home/sparka64/public_html/wordpress/wp-admin/admin.php on line 12

    Warning: Cannot modify header information – headers already sent by (output started at /home/sparka64/public_html/wordpress/wp-content/plugins/000-SpamForceField.php:1) in /home/sparka64/public_html/wordpress/wp-admin/admin.php on line 13

  16. fastmirrors says:

    Sparky: you must change in php.ini this command

    —————————-
    output_buffering = On
    —————————-

  17. I have a huge problem with referrer spam. Do you know if spammers check their logs to see if you clicked on the link in your stats? I wonder if that keeps them coming? Good luck.

  18. Alan Kellogg says:

    My browser insists on downloading the plug-in as an HTML file. No matter what I do I cannot download it as a PHP or TXT file. I know it’s a small file, but could you zip it up?

  19. Pingback: Blog » Blog Archive » Wordpress Antispam Plugins

  20. Pingback: 2000 Lux sur le Net > Spam spam spam… Encore ?

  21. Pingback: lapedrada.es.kz » Plugins para WordPress

  22. Anthony says:

    I have found the app the referrer spammers use.

    MagicTrafficBot.com

  23. Dougal says:

    I’m sure that tool is just one of many that do the same thing. It’s drop-dead simple to write a tool that generates referrer spam.

  24. Pingback: Enfim… » Spam

  25. Pingback: Profesor Blog » Los Mejores Plugins Para Worpress

  26. Mike says:

    Akismet works great. I am using it on my wordpress and drupal websites.

  27. Dan Bradstreet says:

    We’re giving this a try at smartlinks.us – Also I am sick and tired of spammers stealing “scraping” my anchor text with ever constant changing IPs, Help.
    Dan Bradstreet

  28. Pingback: A Daily Rant » Blog Archive » Net Access Stopped

  29. Pingback: » Enchula tu Blog,Plugins Para Worpress Información Tecnología Internet y Gadgets

  30. “Akismet works great. I am using it on my wordpress and drupal websites” I must agree with Mike. I also use Akismet on one of my new blogs (2.2 wordpress) and it works great; 99% of spam comments are deleted!

  31. Marc says:

    I have also Akismet running, but a few spam comments are coming through.
    Does anyone with Akismet also have SpamForceField running?

  32. Well I will try it on my wordpress blog.

  33. Pingback: WP Plugins DB » Plugin Details » SpamForceField

  34. manele says:

    i love it! now my blog is clean! thank you for your work!

  35. Jeff Baker says:

    How does SpamForceField compare with Akismet for wordpress? I am using Akismet on my personal blogs but looking for some spam solution for commercial blogs :(

  36. Mario says:

    Thanks to this plugin my blog is spam free after activating it!

  37. Pingback: Kill More People » Blog Archive » WordPress Spam

  38. Pingback: Capturing Blog » Wordpress Plugins/Spam Tools

  39. Pingback: La Mansion » Blog Archive » Plugins Wordpress

  40. There are some good and some bad Plugins! This is a very good thing!
    Especially that the Referer is checked! I Like It!
    I have Akismet, Spam Karma and a special Captcha running, so now I think there is no way to come through all this! ;)

  41. Pingback: 282 plugins para WordPress (5ª parte de la R a la Z) | Pichicola.com

  42. Pingback: Más plugin para Wordpress « El Cubanito Web

  43. Spammers are killing me. Excellent post.

  44. Franz says:

    Best way is to use plugins. There are plenty that prevent spamming and they work pretty well. Out of 500 spam comments, only 5 would be able to get through it. Sure, the 5 comments are annoying, but it’s still 495 less right? ;)
    http://www.buyinpoker.com

  45. Pingback: Oloroko Blog – Lista de Plugins para Wordpress

  46. Pingback: Plugins para Wordpress. | Puydi Publicidad 100% efectiva

  47. Pingback: Plugins para Wordpress «

  48. Pingback: Los mejores Plugins para Wordpress no documentados | FOTO - VIDEO

  49. rokon says:

    I encountered the same problem before and I’m really glad that I was able to find a solution through this post. Hope to see more posts from you discussing stuff like this!
