Some blog spam cases you might want to watch for

I like to think that I’ve got some pretty decent spam prevention measure in place on my server. My mail server uses RBL/DNSBL services and sets maximum limits for certain protocol violations. All my blogs use Akismet for comment spam detection. I’ve got a large number of entries in my comment moderation and blacklist lists. And I hook it all together into my SpamValve plugin, which automatically adds firewall rules to block repeat offenders.

Still, though, occassionally I get bursts of traffic that either aren’t detected by these measures, or that are detected, but the process of handling the connection causes excessive load on the system. When that happens, I typically add new code to my SpamValve plugin to automatically block future attempts at the firewall. Here are some of the things that have caught my eye recently that caused me to take action:

GET requests for trackback URIs
When WordPress detects a trackback using HTTP GET instead of POST, it redirects the client to the permalink of the associated post. But that’s all it does. I flag that as a possible spam attempt. If I get several of these from the same IP, I temporarily block that host at the firewall.
Bogus User Registrations
I once saw a flurry of fake user registrations on one of my sites. I’m not sure what the purpose was, but it annoyed me. User registration attempts get flagged. There’s no legitimate reason why I should get more than 5 user registrations from the same host in a 48 hour period. So if I see that happen, I block the host.
Direct (non-referred) posts to wp-comments-post.php
If an attempt to post a comment doesn’t have an HTTP Referrer that comes from this site, it’s flagged as a spam attempt. The comment is still processed normally, with the usual Akismet spam/ham checks, and if it doesn’t appear to be spam by other means, the comment appears on the site. But if more than a few of these come from the same host, the host will get blocked. Yes, there are personal firewalls and browser privacy extensions that strip the referrer information out. But I doubt that anybody using those is going to need to post more than 5 comments here in a 48 hour period. Still, this is probably the one rule of mine that is most prone to false-positives. But it’s not likely enough for me to lose sleep over it.
Too many spam comments from a host
And, of course, if a blog comment is flagged as spam by any of the usual means (i.e. by Akismet or any other spam detection plugins), the host is flagged. More than 5 spams from the same host? Blocked!
Mail spammers
Lastly, I monitor my mail server log. Any time a message is rejected by the anti-spam measures in place there, the client IP is flagged. Again, more than a few spam attempts from the same host earn a place in my firewall rules.

These are some of the things I look for to prevent repeated abuse. There are other things as well, that I consider slightly less serious. For example, I recently discovered that a MySpace user was hotlinking an image of mine. So I’ve put measures in place to ensure that unapproved sites can’t hotlink those particular images.

I’m still keeping an eye on my logs to catch other types of abuse that need blocking. Have any of you other spam warriors noticed any trends of abuse lately?

Egads! It’s Purple!

Halloween Digital Divas Theme

Susan’s spookalicious Halloween theme

A few months ago, I mentioned that my wife Susan had gotten her blog up, complete with a pink theme. She’s been pretty busy lately, what with taking care of our three kids, working part-time, and taking graduate classes (whew!). But she still managed to work on a Halloween version of her theme, which has been up for a short while now.

So, until further notice, enjoy her new, spookalicious, purple site!

Dilbert Creator Hacks His Own Brain

Scott Adams, creator of the Dilbert comic strip, has been suffering from an unusual condition for the last 18 months. It’s called Spasmodic Dysphonia, and essentially its a condition where your brain forgets how to talk. You may still be able to communicate by other means, singing, for example (because different portions of the brain are used to process singing than for normal speech). But for some individuals, normal everyday speech becomes limited, or impossible. Permanently, according to doctors.

My family and friends have been great. They read my lips as best they can. They lean in to hear the whispers. They guess. They put up with my six tries to say one word. And my personality is completely altered. My normal wittiness becomes slow and deliberate. And often, when it takes effort to speak a word intelligibly, the wrong word comes out because too much of my focus is on the effort of talking instead of the thinking of what to say. So a lot of the things that came out of my mouth frankly made no sense.

To state the obvious, much of life’s pleasure is diminished when you can’t speak. It has been tough.

After trying a few things, and discovering that he could still do public speaking in front of crowds (his loss was limited to normal, casual speech), he decided to experiment with the boundaries of his condition and see if he could force his brain to re-map his speaking ability. The amazing thing is, it worked. Essentially, he hacked his brain.

Syndactyly (Webbed Toes/Fingers) Forums

A few years ago, I made a post that mentioned in passing that I have webbed toes. About a month later, my logs started showing up a fair number of referals from search engines from people looking for info about webbed toes. So I promised that I’d try to put up a picture. A couple of days later, I posted said picture.

Since that time, those three posts have collected over 900 comments between them. It turns out that there are are lots of people (depending on how you define ‘lots’) who have syndactyly (webbed toes or fingers), but there isn’t a whole lot of information about it on the internet that’s easy to find. Some people are just surprised to find out there are others like themselves with webbed toes. Others are embarrassed by their toes and seek information on cosmetic surgery to correct the condition.

In any case, comments on blog posts aren’t the best venue for detailed discussion. With the recent announcement of the first official release of bbPress, I’ve finally set up some forums for more organized discussions. So, if you want to discuss any issues related to webbed toes (or fingers), visit the new Syndactyly Forums.

A Friendly Game of Hockey

This past Wednesday, I got to go see the Thrashers play the Bruins, courtesy of a visit from Geof Morris (thanks for the ticket, Geof!). Geof and I have known each other via the net for quite a while, and we have some friends in common from back when I used to live in Huntsville. But I’m pretty sure that this was the first time we had met in person. So, I finally got to check the ‘met’ box in my link to his site (well, one of his sites).

Geof was rooting for the Bruins, but surprisingly enough, the Thrashers won the game 4-1. But he wasn’t too terribly upset, because, after all, at least we were watching live hockey. That’s always good, no matter who wins. 🙂

Geof’s visit was hit-and-run — he arrived in town, waited patiently for me to finish up some stuff at my office, we went to the game, then he headed back towards Huntsville. It was fun, Geof. Maybe next time we get together, we’ll have more time to socialize.

Browsenberg Uncertainty Principle

Co-worker Stephen Touset has described what he calls the Browsenberg Uncertainty Principle:

As one increases the layout precision of a section on a webpage, all other sections of the page have their layouts perturbed by a proportional amount.

And its corollary:

The more precisely one specifies positioning and layout for a page in one browser, the less accurately every other browser will render it.

Make sure you follow the link and also read his example of a typical exchange between a customer and a web designer. It’s funny because it’s true.

If only we could get customers to read articles like 12 Lessons for Those Afraid of CSS and Standards. Especially “Lesson No. 2: It’s not going to look exactly the same everywhere unless you’re willing to face some grief… and possibly not even then.”

Happy Talk Like a Pirate Day!

Ahoy, me maties! It’s Talk Like a Pirate Day once again, and as I’m sure you’ve noticed, I’ve spruced my site up for the occassion. Around my office, I’ve been hearing a lot of “yarrr!” and “avast!”, as many folks have been getting into the buccaneering mood. Or maybe it’s just because they’re grumpy — it’s hard to tell on some days.

In any case, I hope you’re enjoying this fine holiday. And if you haven’t already, make sure to install my WordPress pirate filter! Arrrr!

Drinking the Ubuntu Kool-Aid

For quite a while, I had considered nuking Windows from my laptop and starting fresh. A few weeks ago, I finally took the plunge. I started with a full backup (two, actually — a file-by-file backup, and a partition image). I toyed with the idea of dual-booting, but finally decided that I’d try to go completely non-Windows, and see how well I could get by.

After hearing one of my co-workers rave about how impressed he was with Fedora Core, I was going to give that a try. But the DVD he burned for me wouldn’t install for some reason. So I decided to go with Ubuntu. This was probably just as well, as we use a lot of Debian Linux stuff at work, and Ubuntu is Debian-based.

I won’t bore you with details of the install (which went smoothly), or with detailed lists of what I’ve done to customize my system. But I do want to point out some good links and highlights for the curious. Especially what I did about those pesky “can’t-live-without” Windows applications.

Continue reading Drinking the Ubuntu Kool-Aid

Piratify Your Blog!

There’s only one week left until Talk Like a Pirate Day! If you haven’t already downloaded my Text Filter Suite, which contains the awesome tfs-pirate filter, then you’d better hop to it! What’s that? You want to know what it does? It turns your blog into pirate-speak on Talk Like a Pirate Day! Well, it does some other stuff, too, but we’re mostly concerned with the piratey bits here.

For example, if you typed this:

I was driving to my girlfriend’s house the other day, and some guy cut me off and almost ran my car off the road! I hate when people do stupid things like that. Don’t you?

Then it might come out something like this:

I were sailin’ t’ me girlfriend’s house th’ other day, and some lubber cut me off and almost ran me boat off th’ sea, avast! I hate when scallywags do daft thin’s like that. Don’t ye, and a bucket o’ chum?

Doesn’t that make you wish that every day was Talk Like a Pirate Day?