Stopping Comment Spam

Written by Carl E. Reid on February 25, 2009

At a basic level, comment spam sometimes involves spammers manually typing spam into a blog comment form. This submission of spam is entered the same way as any regular reader. Although this allows a spammer to assume the same identity of regular commenters, this is a painfully slow process. The return on the investment of time dictates that spammers rarely use this method to post spam comments.

The more serious issue is automating the process of posting spam comments. This process is driven by custom scripts or software written to quickly produce a high volume of spam comments. This type of software becomes a spam producing machine.  It can submit thousands of spam comments in a very short period of time. This spam machine can hit multiple pages within many blogs.

These automated scripts don’t typically submit comments by going through the comment entry forms on your weblog. They are programmed to tap directly into a blog’s comment submission script.

Minimizing Comment Spam

  • Turn on comment moderation – This allows you to review all comments prior to them being publishing. Novice bloggers usually won’t know to turn on this feature of their blog.  This at least allows full control over what your public readers will view.
  • Obfuscate Comment Form – This does require an understanding of JavaScript and basic HTML coding. You may not completely be able to hide the name of your blog comment script or field value names within your comment forms, you can certainly attempt to obfuscate them. The way to achieve this is by using JavaScript to generate a comment form, or certain parts of it.  Spammers often use automated scripts that download the source code from blog pages. Then the spammers search the pages for the names of your comment script and form field names. If these values are obfuscated using JavaScript, the spammers’ spidering software needs to be able to parse and execute JavaScript to determine the correct values.  Obfuscating the form stymies the spam spiders.
  • Implement a Turing Test – Named after the early computer scientist pioneer, Alan Turing,  a Turing test poses a challenge that humans can resolve, but computers cannot.  Adding a Turing test to comment forms allows legitimate human commenters to pass through unhindered. Forms attacked by automated spamming software will receive no spam comments. The most commonly implemented Turing test is the CAPTCHA (Completely Automated Public Turing test to tell Computers and Humans Apart).  CAPTCHA frequently come in the form of blurry images. Within the images are contained merged letters and numbers. Humans can read this CAPTCHA text field and enter the correct combination.  Automated optical character recognition software has trouble getting through.

About Carl E. Reid

Developing his career from the mail room to the board room, Carl E. Reid has achieved success by skillfully blending 40 years of technology and business intelligence experience with his passion for helping companies succeed. Carl is founder and CEO of NetTECH Systems Reid & Associates, Inc., an emerging technology consulting company located in the New York City area. One of his specialties is 15 years as a collaboration and email infrastructure consultant. He has implemented and supported Lotus Notes/Domino and other types of SMTP gateway/network configurations in small to large global companies up to 33,000 employees. Some of his clients have included IBM, Citi, JPMChase, Oxygen, LVMH - Moet Hennessy, MeadWestvaco, non-profits and professional organizations. Carl is a Savvy Business Owner, Public Speaker and Author. His articles have appeared in Network World, Computer Monthly magazines and hundreds of web sites. Combining business technology consulting with professional blogging, Carl specializes in advising clients how to best leverage the Internet as a tool for high impact visibility. Carl's speaking style combines humor with expertise, and his advice is always down-to-earth and practical. He personally publishes Library of Congress recognized newsletter blog, http://www.SavvyIntrapreneur.com and http://www.iTechSpeak.com. Carl wrote the original "Professional Blogger Job Description", being used as standard document within companies. As a business career coach, Carl teaches professionals how to run their career as a profitable business.
  • (required)
  • (required)