Tue, August 10th, 2004 by Sara Ang
(I don't know if a similar thread has been posted already and I'm too lazy to look through the archives.)
Does anyone else have this problem? If I don't go online for a couple of days and then check my mail I notice about 20-40 new comments on my photos and 90% of them are spammers that want to advertise a site where you can play online poker. I try to delete them as soon as I get them but lately I've noticed I can barely keep up with them anymore.
Is there anything I can do except ban their ip adresses in MT? Because that doesn't seem to solve the problem in the long run...
August 10th, 2004 at 11:06 am
MT-Blacklist (http://www.jayallen.org/projects/mt-blacklist/) is by far the most effective tool I've used to block comment spam. Like anything else, it's not 100% fool-proof, but it works very well. Unlike the banlist in MT, MT-B compiles a list of strings commonly found in comment spam, such as URLs, email addresses, and even keywords, in addition to IP addresses - which are not always static. MT-B is currently only available for pre MT 3.0D installations, but will be made available soon for 3.0D+ installations soon.
Good luck!
August 10th, 2004 at 11:06 am
MT-Blacklist:
http://www.jayallen.org/projects/mt-blacklist/
Easy to install and use
August 10th, 2004 at 12:13 pm
It could be worse. It could have been for 'natural male enhancement' or something retarded like that. I use MT-Blacklist as well. I haven't had a problem since.
August 10th, 2004 at 12:15 pm
wow that is good to know! Thanks for sharing MTB with us I didn't know about it.
August 10th, 2004 at 12:16 pm
I've been having the same problem lately, and the bad news is that I'm using MT 3.0, so I can't use Blacklist until the new version comes out. I can't wait, really.
August 10th, 2004 at 12:19 pm
It's strange. When my site first went up in June of this year, I had probably 8 or 10 spam comments in my first week or two. But then all of a sudden, I've had none ever since.
I'm using MT v2.661 so the Blacklist doesn't affect me. I'm wondering if because so many other people ARE using it that the people who do most of the spamming have pulled back some of their attacks. I guess according to your accounts, maybe not... but I don't get THAT much traffic as it is, so that is probably the reason.
I'm not going to complain about it... no spam is good spam.
August 10th, 2004 at 12:24 pm
Blacklist is the best way to go -- I've had minimal spam issues since I installed it. I know the new version is soon to be released for MT 3.X...
August 10th, 2004 at 12:27 pm
Up until recently I've been using MT Blacklist, and it has stopped the majority of spam on my site, but what made a much bigger difference was renaming the comment script. A good proportion of comment spam is generated automatically; i.e. a spam site will try to automatically contact your comment script which normally resides at:
http://yourURL/cgi-bin/mt-comments.cgi
If you rename the script you stop the automatic spam in its tracks. You can rename this file anything you like (death-to-spambots.cgi) but you a) need to retain the cgi extenstion (I think), and b) also need to make a change to your mt.cfg file (which resides in your cgi-bin directory. You need to look for the following block of code (normally at around line 296):
# CommentScript mt-comments.cgi
# TrackbackScript mt-tb.pl
# SearchScript mt-search.pl
# XMLRPCScript mt-xmlrpc.pl
# ViewScript mt-view.pl
... and make two changes. First, uncomment the first line by removing the hash symbol; i.e.
CommentScript mt-comments.cgi
... and second, change the filename to match your renamed version; e.g.
CommentScript death-to-spambots.cgi
This has made a huge difference on my site. Hope it helps.
August 10th, 2004 at 12:29 pm
oh, I should have said that I've used this with v2.661 so don't know if it will work with v3.0. If the files are still the same then I don't think there would be a problem. And if it didn't work you could always change it back anyway.
August 10th, 2004 at 12:45 pm
i'm using mt-blacklist as well as mt-bayesian. the bayesian filter is agressive (perhaps too agressive), and i'm not sure it's a good idea to train it on what's left after mtb has done it's thing (the data is rather sparse at that time), but anyway... THE great benefit from using mt-bayesian is that it provides excellent overview/handling of the comments.
August 10th, 2004 at 12:51 pm
i forgot to thank dave for showing how to rename the comment script; thanks alot! i've been meaning to do that on my site for a while, but i haven't figured out just how to do it...
August 10th, 2004 at 1:07 pm
Dave,
In MT 3.0 I have this:
# AdminScript mt.pl
# CommentScript mt-comments.pl
# TrackbackScript mt-tb.pl
# SearchScript mt-search.pl
# XMLRPCScript mt-xmlrpc.pl
# ViewScript mt-view.pl
I'm not sure it's the same, as there's no mt-comments.cgi file there. Instead I have mt-comments.pl
What do you think?
August 10th, 2004 at 1:39 pm
Thanks for all the tips! That MT-blacklist sure looks good. I will have to try and install that.
Johnny, I do get the natural male enhancement one's too. I just didn't feel like using it as an example. ;(
August 10th, 2004 at 1:41 pm
Rainking: I've just checked your blog and you have the script located as follows:
http://www.round-here.net/blog/mt-comments.cgi
I would suspect (though am by no means certain), as it isn't in /cgi-bin/, that you're probably safe from automatic attacks anyway so there probably isn't too much point in renaming it.
August 10th, 2004 at 1:41 pm
djn1,
I will try that aswell. Thanks!
August 10th, 2004 at 1:44 pm
Then I guess my attacks are manual.
Thanks anyway.
August 10th, 2004 at 1:50 pm
For someone who's completely MT disabled, like myself, how do I install MT blacklist? I've downloaded it... do I just upload the files to my cgi-bin folder?
August 10th, 2004 at 2:20 pm
Sara,
Just follow the instructions here:
http://www.jayallen.org/projects/mt-blacklist/latest/index
August 10th, 2004 at 2:24 pm
darn, i couldn't get the comment function to work once i'd renamed the files... how can i make sure that my changes are propagated correctly, e.g., that the variable holds the new value instead of the old?
August 10th, 2004 at 2:27 pm
Sara,
you should also rename your comment script. I just checked my MT Activity Log and in the 10 days since I renamed the script there has only been one attempt to spam my site. In the 24 hours prior to me making the change there were 225!!! Admittedly, most of those were from only a handful of spam-bots, and all were blocked by MT-Blacklist, but it has made a huge difference. And it also means that I don't need to be quite so religious about keeping MT-Blacklist up-to-date.
August 10th, 2004 at 3:21 pm
I am not sure I understand this renaming script business. I am been visited a LOT lately by bob our gambling pimp and I want to stop him, but he keeps getting through.
could someone take a few minutes to explaint to me in Im or in email how to rename? I need to be explained something in person or do it as somone talks me through it once in order to understand it, then I do.
I would really appreciate it!
cheryl@anopenshutter.com
August 10th, 2004 at 3:24 pm
RainKing, thanks!
dj1n,
I will try to fix that aswell but just as Cheryl say,: I need to have things explained to me very detailed and with a lot of patience. heh.
I did manage to install blacklist and I can't wait to see if it will work!
cheryl,
bob seems to be my biggest fan at the moment too...
August 10th, 2004 at 4:06 pm
I HATE BOB!!!
August 10th, 2004 at 4:46 pm
OK, here's how it works:
mt-comments.cgi is the cgi scriph that MT uses to generate the comments on an MT blog, and normally (i.e. a default installation) it resides in the cgi-bin directory, e.g.
http://www.chromasia.com/cgi-bin/mt-comments.cgi
Most spammers, and certainly the ones that use automatic methods to spam your blog, know that this is where the script is and contact it directly; i.e. they don't log onto your blog, they don't look at the images, and they don't read anything that anyone has written, they simply set their programme running and it trawls around the net looking for mt-comments.cgi scripts. When it finds one it posts a comment.
So, if you rename the script the spam-bot (the programme that automatically spams your blog) can't comment your blog because it doesn't know what the comment script is called. An individual visiting your blog can work this out, but the programme can't. The net result of which is that you get way less spam.
As for the renaming: it's really easy. Assuming you have an ftp client (i.e. the programme you use to upload images to your server) simply log-on, navigate to the cgi-bin directory, and change the name of mt-comments.cgi to something else, e.g.
my-comments.cgi
xxxxx.cgi
no-more-spam.cgi
... or whatever.
Then, using some sort of text editor, open the file called mt.cfg (which is also in your cgi-bin directory) and make the changes I mentioned above:
Look for the following block of code (normally at around line 296):
# CommentScript mt-comments.cgi
# TrackbackScript mt-tb.pl
# SearchScript mt-search.pl
# XMLRPCScript mt-xmlrpc.pl
# ViewScript mt-view.pl
... and make two changes. First, uncomment the first line by removing the hash symbol; i.e.
Change:
# CommentScript mt-comments.cgi
to:
CommentScript mt-comments.cgi
... and second, change the filename to match your renamed version; e.g.
CommentScript my-comments.cgi
CommentScript xxxxx.cgi
CommentScript no-more-spam.cgi
... or whatever.
If you get stuck email me at djn1 AT chromasia DOT com. I won't be around for much longer this evening, nor for much of tomorrow, but I will get back to you.
August 10th, 2004 at 5:05 pm
Djn1's tutorial might make a good addition to the Tips and Tricks area in the wiki. (Nudge, nudge, wink, wink.)
http://wiki.photoblogs.org/Tips_and_Tricks
August 10th, 2004 at 6:59 pm
djn1: automated spammers don't only look in cgi-bin/ (my script is in the root directory of a whole other subdomain and they found it). So RainKing might still be getting automated spam.
Renaming mt-comments worked for me, MT blacklist is great if you need it but I'd try (I tried) the simpler solution first.
This is also useful - a script to close comments in old posts in bulk (something MT should probably include):
http://www.rayners.org/2003/12/27/closing_comments_on_old_entries/index.php
August 10th, 2004 at 7:48 pm
"Djn1's tutorial might make a good addition to the Tips and Tricks area in the wiki. (Nudge, nudge, wink, wink.) :)"
OK, give me a few days (or thereabouts) and I'll put something up
August 10th, 2004 at 7:58 pm
Oh man, I did a LOT of research on how to stop spam before I setup an MT (I'm using 2.661) blog. Here are a couple of GREAT links that you may want to read:
http://cheerleader.yoz.com/archives/000849.html
http://charles.gagalac.us/movable-type-tips/ (this is a great link dump for all MT stuff)
http://www.elise.com/mt/archives/000246concerning_spam.php
http://golem.ph.utexas.edu/~distler/blog/archives/000236.html
If you're interested in the whole methodology to stop comment spam read this:
http://diveintomark.org/archives/2002/10/29/club_vs_lojack_solutions
Here's a good link on how to code an e-mail link so that spam harvesters have a harder time (it's not 100% effective) grabbing your e-mail address if its linked:
http://www.healyourchurchwebsite.com/obfuscator/index.cgi
MT-Blacklist for MT 3.0x should be out later this month, Jay Allen just made an announcement about it here:
http://www.jayallen.org/comment_spam/2004/08/the_new_plan_and_mtb_v165
I'm posisitve that there is much more gerat advice splattered across the web, but following the advice in these links have made my blog 100% spam-free.
Frederik: I'm willing to bet you didn't change the permissions to your newly named comment script. CHMOD it to 755 (I think), save it, then rebuild ALL of your files and you should be good to go.
If anyone has any questions about all of this you can e-mail me at rod@photovox.com
August 10th, 2004 at 8:37 pm
Djn1: Thank you so much!
August 10th, 2004 at 11:49 pm
I just found out about these spam-bots tonight.
thanks for the info guys!
August 11th, 2004 at 12:14 am
I never really got much spam with my old blog, maybe 2 to 5 messages a day...the annoying part was cleaning them up. Ever since I upgraded to MT3.0 and signed up for TypeKey authentication, no more Spam...
August 11th, 2004 at 3:45 am
Fredrik: oops, that's the problem of writing tutorials - there's always something you forget. Yes, you need to rebuild all your files as otherwise many of them will still contain the link to the previously named version of your comment script. My apologies if this has caused anyone any problems.
August 11th, 2004 at 3:55 am
Wow, it actually appears to be working when I made those changes to my codes. Thanks djn1!
August 11th, 2004 at 4:27 am
roderick,
the renamed script had the same access rights set as the original one; the problem shows up when i try to load the comments page (in a pop-up window), where it still refers to the comment script by the old name. don't know how to proceed with this one, and BOB's been posting a couple of hundred spams on my site the last 24h. sucks.
August 11th, 2004 at 7:06 am
Fredrik, in my template for my comment window (Comment Listing Template) I have mt-comments.cgi" so my guess is that you will need to change it there too.
Now I am off to rename a file cause I am sooo sick of Bob! ;o)
August 11th, 2004 at 7:39 am
OK, if you like me are scared you'll mess anything up and haven't upgraded MT, I still run 2.2x or something like that.
Anyway, there is no place to change it in mt.cfg. But you can do this:
change the name of mt-comments.cgi
change the name in the Comment Listing Template (it's in the comment form)
change the name on your Main Index (it's right where the link to comment appears)
I've commented on my own site, that worked and now we'll just have to see if it keeps Bob away. Otherwise I'll be forced to upgrade with "total mess" as a possible result. ;o)
August 11th, 2004 at 7:41 am
Ooops, it should be IN the Main Index. ;o)
August 11th, 2004 at 2:28 pm
Just realised that it needs to be hanged in the Individual Entry Archive too. Just change it everywhere you can find it. ;o)
August 11th, 2004 at 5:52 pm
maria,
i have the variable MtCommentScript in my templates, and it's that stubborn template that refuses to take on the correct value once i've renamed my comment script. sigh. bob's a bastard.
i'll give it another go later. it's probably just my brain that's over heated.
August 12th, 2004 at 9:53 am
~the new upgrade in MT has a comment approval feature, it works wonders to eliminate the spam comments from showing up and only takes a few minutes to use; banning IP's does nothing, the spammers are only using IP addys from people's machines they are tapping into~
August 12th, 2004 at 11:58 am
MT 3.1 comes out on 8/31 and includes the new version of MT Blacklist, along with a lot of other new features (post-scheduling for example). Check out the movabletype.org website.
August 14th, 2004 at 9:21 am
Hold on just a second -- I hope you're not referring to *this* bob! I swear, it wasn't me...
I can't emphasize how great MT-Blacklist is -- and I think Brad's getting pretty close to final release...
August 18th, 2004 at 6:32 am
mt-blacklist v2.0e is out:
http://www.jayallen.org/comment_spam/2004/08/mtblacklist_v20e_released
thanks for the hard work jay.