Yikes! New Anti-Spam Technique Not Working!

Posted February 10, 2007 at 9:44 AM by Ben Nadel

Sorry if any of you got spam comments emailed to you this weekend. Since I put my new anti-spam technique in place, about 15 or so spam comments have gotten through. A majority of them were from the same bot I think, so if I can stop this guy, then I think I would be good.

I have updated the ColdFusion code to tweak the reasons that form submissions will get blocked. I think this final step should be pretty good as it really attacks the reasons why spam bots are so effective - they are so darn fast! If this finally works, then I will write it up on Monday as it is soooo simple.

Fingers crossed again.




Reader Comments

Glen Lipka
Feb 10, 2007 at 8:17 PM // reply »
46 Comments
137 Points

Have you seen how they do it on PHPBB? (http://www.phpbb.com)

In the post submission, they have this layer over the textarea and you have to click on it to prove that you are human. It's very slick looking, but I'm not sure how it works.


Ben Nadel
Feb 11, 2007 at 8:11 AM // reply »
10,640 Comments
69,065 Points

That's cool, but I am dying to get something to work that doesn't require extra human action... maybe this is a pipe dream. I thought I was on to something, but it is proving unsuccessful. I will not be beaten just yet!


nitro2k01
Jul 31, 2007 at 4:14 AM // reply »
5 Comments
1 Points

How is your anti-spam code working out?
I have done something similar. Not only did I change the value of a form element, but I even renamed form elements. (By changing the name property of the element) The code is very obfuscated, so you'd need a real javascript interpreter to bypass my system. (Not just a fake one that looks for certain patterns)
My method has proven very successful. I have only gotten one spam eversince. (Which I suspect was posted by a hired Nigerian :p )

You can check it out at: http://gameboygenius.8bitcollective.com/wordpress/?p=53 (Check the source)

How I found you? I found this search in my referrer log: http://www.google.co.in/search?hl=en&q=new+antispam+techniques&meta= and you were on the first page too. (In the top even!)


Ben Nadel
Aug 5, 2007 at 5:38 PM // reply »
10,640 Comments
69,065 Points

@nitro2k01,

Cool technique. My technique is working OK. I get a few posts every now and then, but certainly not all that many. I like the fact that you rename the Name attribute - I wasn't even aware that the browser would allow you to do that.


Post A Comment

Comment Etiquette: Please do not post spam. Please keep the comments on-topic. Please do not post unrelated questions or large chunks of code. And, above all, please be nice to each other - we're trying to have a good conversation here.

Please review the following issues:

Author Name:
Author Email:
Author Website:
Comment:
Supported HTML tags for formatting: <strong>bold</strong>   <em>italic</em>   <code>code</code>







  • Help Wanted - Find Your Next ColdFusion Job
InVision App - Prototyping Made Beautiful With Prototyping Tools Ben Nadel's Company - Epicenter Consulting Recent Blog Comments
Bartezz
Feb 10, 2012 at 7:21 PM
jQuery AJAX Strips Script Tags And Inserts Them After Parent-Most Elements
Update! Instead of $(eval(options.insertAfter)).after(data['insertData']); I now use: var ajaxNode = document.createElement('span'); var parent = $(eval(options.insertAfter))[0].parentNode; ... read »
Bartezz
Feb 10, 2012 at 6:18 PM
jQuery AJAX Strips Script Tags And Inserts Them After Parent-Most Elements
encountered this same, what I consider, jQuery bug last week. I'm building a site in which I load some content via AJAX. This content contains Linkedin share button placeholders which Linkedin API ne ... read »
Drew Wells
Feb 10, 2012 at 11:30 AM
Cross-Origin Resource Sharing (CORS) AJAX Requests Between jQuery And Node.js
After you understand the concepts here, this is an awesome cheatsheet for enabling CORS in just about anything http://enable-cors.org/ ... read »
JM
Feb 10, 2012 at 9:10 AM
My Safari Browser SQLite Database Hello World Example
@Amy, Here is a very good tutorial on how to use JOIN: http://www.sqltutorial.org/sqljoin-innerjoin.aspx ... read »
Stefan Richter
Feb 10, 2012 at 4:42 AM
Building A Twitter-Inspired RESTful API Architecture In ColdFusion
This is great, very useful Ben. I spotted a small typo in the api.cgm listing: <cfthrow type="Unauthroized" /> Cheers Stefan ... read »
Hugh
Feb 9, 2012 at 10:35 PM
CFDirectory Filtering Uses Pipe Character For Multiple Filters (Thanks Steve Withington)
I was wondering if there would be a filter you could apply so that you got everything but what you included in the filter. As in show me all docs that are not a .pdf. ... read »
Stephen
Feb 9, 2012 at 10:29 PM
Learning ColdFusion 9: Application-Specific Data Sources
@Ben, No offence, but if people were really wanting advanced features they would be using a platform like ASP.NET MVC. CFML is so structurally compromised as a tag-based scripting language that ... read »
Nathan
Feb 9, 2012 at 10:03 PM
Subversion - Cleanup Failed To Process The Following Paths
@Leviaguirre, do you still have problems with this? ... read »