Jan 142009
 
Part of the Wonderful WordPress Wednesdays Series - Previous in series         

Welcome to the twelfth installment of my Wonderful WordPress Wednesday series.

With more than 20 blogs to watch over, comment spam has become quite the annoying time killer of late.  With more than 200 Akismet entries to sort through each day it became clear that something else had to be done, so I had a quick consult with friends who do managed IT services in Calgary and headed into the ether to find a solution.

My first stop was, of course, the WordPress plugin directory.  Unfortunately, searching on “spam” returns 117 of the 3,870 plugins currently listed there.  Not exactly a bullseye solution to the problem.  So I headed into the WordPress Codex ehere I found their Combating Comment Spam page with the following suggestions-

  • Akismet – Akismet was already keeping the majority o fthe spam off my blog, but I was still forced to sort through it in search of false positive.
  • Settings > Discussion –
    • Here there are multiple options to automatically detect spam: number of links, spam keywords, blacklist.  Alas, when detected, it was just dumped into the Akismet area for me to sort through later.
    • Moderate All Comments – This would create even more work for me, essentially labeling everything as spam.  Not exactly a timesaver and not really user friendly, either, IMO.
    • Pre-approve only “old” commenters- Since I don’t have many ‘regular’ commenters this would still require far too much moderation time.
    • Restrict Comments To Registered Users – not only user-unfriendly, but I really have no desire to have dozens or even hundreds of people with user accounts on my blog(s).
  • Delete wp-comments-post.php and/or wp-trackback.php -Again, not exactly user friendly.  I’m trying to encourage more comments, not remove them all.  Besides isn’t this just giving in to the spammers?  I’d rather let them run rampant than shut out my actual readers.
  • Use rel=”nofollow” – this has never actually been effective in stopping comment spam.  The bots simply don’t care.
  • Deny access with .htaccess – Now that seems interesting!
    • Deny Access to Spammer IPs/Referrer Spammers – Again, too labor intensive what with the need to collate and enter individual IP addresses and referrers.
    • Deny Access to No Referrer Requests – I think we have a winner!

Here’s the relevant section of The Codex-

When your readers comment, the wp-comments-post.php file is accessed, does its thing, and creates the post. The user’s browser will send a “referral” line about this.

When a spam-bot comes in, it hits the file directly and usually does not leave a referrer. This allows for some nifty detection and action direct from the server. If you are not familiar with Apache directives, then write the following in your root directory .htaccess file::

RewriteEngine On
RewriteCond %{REQUEST_METHOD} POST
RewriteCond %{REQUEST_URI} .wp-comments-post\.php*
RewriteCond %{HTTP_REFERER} !.*yourdomain.com.* [OR]
RewriteCond %{HTTP_USER_AGENT} ^$
RewriteRule (.*) ^http://%{REMOTE_ADDR}/$ [R=301,L]

This will:
1. Detect when a POST is being made
2. Check to see if the post is on wp-comments-post.php
3. Check if the referrer is in your domain or if no referrer
4. Send the spam-bot BACK to its originating server’s IP address.

After reading that over it seemed to make perfect sense to me.  A simple but elegant solution t ospambots.  Five minutes later I had added the relevant code to my .htaccess file and expected to never hear from comment spammers again.

However, the next morning, my Akismet spam queue was full of over 100 messages again.  The only thing different was that not a single one of them was a false positive or even questionable.  Every single one of them had been left by a spambot.  Clearly this simple but elegant solution wasn’t working.  So I headed off to find another solution.  The worst part, however, was something I didn’t realize until a full two days later: the .htaccess changes were blocking regular comments!  I think this was because I don’t use the normal comments.php, instead using a custom one from a comment plugin, but regardless, it wasn’t helping block the spambots anyway, so I just wiped it clean out and immediately was able to receive comments again.

My next “great find” was Yet Another WordPress Anti Spam Plugin (YAWASP).  Unlike the vast majority of anti-spam plugins out there, YAWASP did not require Javascript or cookies (which many of my visitors have disabled) or a CAPTCHA (which I and many of my visitors hate), but instead, was entirely transparent to the regular user.  Its primary means of spam detecting is to add a “hidden” field that the bots will see (and complete) but is invisible to the human eye on the rendered page.  I use this same type of anti-apam system to keep spammers from registering on the various forums I’ve over the years and it works great.  So I was exited to see it available for WordPress as well. Unfortunately, i couldn’t get it to work.  No matter what I did it kept insisting that every comment was spam because it’s author had somehow entered data into the “hidden” field.  Exceedingly frustrated at this point I removed it and took a nice long break.

Finally I decided to see what other long term bloggers were doing and with a little poking aruond in Google Blog Search I finally came across several positive article about the Bad Behavior WordPress Plugin.  Like Akismet and YAWASP, Bad Behavior is transparent to my actual readers.  However, unlike them it was as simple as install and activate.  I haven’t received a spambot comment since!  Regular comments still seem to be getting through and spam that is manually left still shows up (though it tends to get caught by Akismet).  Best of all, in the last 24 hours I’ve only had to clear less than a dozen comments from my various Akismet queues.  Now that is protection.

Yeah, I know that was a long way to go for what could have been a simple single paragraph post.  But I wanted y’all to understand that I share your frustrations.  Now, hopefully, you can avoid all of my pitfalls and wasted time and simply install Bad behavior to begin with.  The only question remaining is why is Akismet distributed with WordPress when Bad Behavior is not?

Reblog this post [with Zemanta]
Part of the Wonderful WordPress Wednesdays Series - Previous in series        
Dec 112008
 

It’s not exactly news that I’ve been far from happy with Izea, PayPerPost and SocialSpark for some time now. I actually abandoned writing for them for about two months, but have returned as they’re still one of the most consistent money makers available to me on the web. Unfortunately, things have only gotten worse over at Izea.

The last time I wrote about PPP was back in August related to Izea’s love of PageRank and how they’ve further embraced it instead of abandoning it as they had promised when Google attacked the bulk of their bloggers.  It seems good old Ted Murphy has decided that PayPerPost’s original critics were right and it really is all about selling PageRank and text links and actually has nothing to do with quality bloggers writing thoughtful and detailed reviews about products and services.  Why would I say this?  Well, according to Carri Bright (Izea’s Communications Diva)

The good news, though is that as of tomorrow (12.11.08), Tack Rating is no longer going to be a segmentation factor for Opps in PPP. So, while you may still receive a ban (deserved or otherwise) this will no longer affect your ability to take Opps from OTHER advertisers or lower your Tack score.

If you’re unfamiliar with PPPs workings, a ‘tack’ is the rating system advertiser’s have to give feedback on how well the blogger performed their duty when taking the advertiser’s opp (opportunity / sponsored post). Up until now, advertiser’s have been able to require a minimum average tack rating before a blogger could take one of their opps. This system allowed better blogs to (theoretically) rise to the top as an advertiser could require a 4 or 5 tack rating, leaving out all of those who previous advertisers have rated one or two tacks for poor English skills, outright lies, or rule bending.

The system was far from perfect, but was at least based on advertiser input and not the conflicted interest of PPP’s “reviewers” who (according to this ongoing thread) don’t seem very interested in disqualifying low quality blogs or even outright frauds and cheats.  In the past advertisers could allow even the one tack rated sploggers take their opps of they so chose, but now every PPP advertiser is required to let anyone and everyone who manages to game the (seriously broken) PageRank and RealRank systems get paid for linking to their website despite the quality of their writing or ability to follow simple instructions.

Nov 212008
 

Blog Pictures | acobox.com Earlier this year I started making a concerted effort to include more photos here at Philaahzophy.  I did so not only because I started taking more photos in my personal life, but also because I had read that blog posts with images are more widely appreciated by blog readers at large.  Well, I’m certainly not ready to say that it was putting in the photos that made the difference, but I can attest to the fact that my traffic has increased dramatically in the last six months and that the few people I’ve asked about it have assured me that the blog’s more attractive in general.

Of course, this focus on pictures does present a whole new set of problems: where do I find appropriate pictures?  How much is that additional bandwidth going to cost me?  How much extra work is it going to be to post those photos?  These questions are no longer an issue for those who have discovered acobox.com.  They’re a site dedicated exclusively to providing blog pictures to bloggers. Although the selection isn’t tremendous at the moment, the service is free and easy to use.  You just browse through their galleries, click a few buttons and paste the code into your blog post.  It took me less than than five minutes to register an account, find an image, and paste it in this post (that’s it up above 😉 ).

Sep 292008
 

Greetings! And welcome to the premiere edition of the weekly ForumFinder Blog Carnival!

We’re a little light on submissions this week, but that just means we’ve got room to grow! Each week we will feature the best blog posts written by members of the Forum Finder community.

What’s ForumFinder, you ask?  Well, Breezie has those answers for you in The ForumFinder Forums, which covers “A little bit of the history behind ForumFinder”, posted at Just shooting the breeze with Breezie.

The short version?  It’s a place where netizens try to help each other out.  For example, Izea Bloggers at My Thoughts, Ideas, and Ramblings wants to know what you think about Public vs Private School.  This blog post has been on fire all week with people from every walk of life weighing with opinions one way or the other.  It’s one of those great experiences when the comments are as entertaining and informative as the original post itself.

We’re not “all serious all the time” over at ForumFinder though, as Christina thecoffeelady  of CoffeeCoffeeCoffee (notice a theme there?) makes clear in her recent post It happened again!

Okay, that’s just “internet fun”.  What about “the real world”?  Well, how ’bout seeing what Aahz has to say about last weekend’s Taste of Morgan Hill Street Fair over at Aahz Reviews Morgan Hill.

That’s it for this week. Hey, I warned you it was a bit light! If you’d like to be included in next week’s edition check out the blog carnival homepage for the guidelines, then submit your article via carnival submission form. The deadline for next week’s edition is Friday, October 3rd at 9pm (Pacific time) and it will be published at Aahz Reviews Morgan Hill next Monday.

Sep 262008
 

A few weeks back a friend pointed me to ForumFinder.net.  I have been unable to thank them enough for doing so.  As the name implies the website is actually a forum, but it doesn’t only deal with forums.  In fact, more and more it (like the internet itself) is being taken over by bloggers.

Essentially, ForumFinder is dedicated to helping its members promote their online projects – be those forums, traditional static websites, blogs, or pretty much anything else online.  It really is a great group of people that are interested in both sharing the hard lessons they’ve learned and pushing other members to excel in all ways.

In trying to find a way to give back to this new community I now call home I decided that the best thing for me to do would be to create the weekly ForumFinder Blog Carnival.  All of the rules and guidelines are available on the carnival homepage (check my right sidebar, or just click the link in the last sentence), and if you have any questions or comments you can submit them in the forum thread dedicated to the carnival here.

The deadline for the first edition is tonight at 9pm (Pacific time) and there’s still plenty of room for your best blog post of the week!   But if you read this late don’t worry, because we’ll be having one every week.  Articles can be submitted at BlogCarnival.com.