Site abuse
by Volker Weber
If you are running a site like this you will face a lot of abuse. There are now almost a thousand attempts to post spam comments every single day, up 100 % from last month. Trackback spam is probably not better.
Then you have abusive spiders like this one. They come in lying about their identity, so you already know what's going on. This particular one originates from 70.87.198.50 in Dallas, TX:
I have already blocked the same bot when he came in as 72.87.198.50 and I must assume this is only the beginning. It has already adjusted to my threshold of maximum 15 page requests per minute.
One of these days, when I am tired of these jerks, I will just shut the site down.
Comments
At least at 15 page requests per minute, it isn't causing your server even the smallest amount of difficulty. In computer time, that's not even noticeable.
I hope you are able to keep the site up for a good long time. Sorry for all the spam hassles. I guess the greater the success, the greater the hassles.
Untill today I still don't understand really why spammers are doing this shit. It's like running through the bazaars of some obscure North-African kasbah with a thousand of sticky bazaaris at your heels who try to sell (better: force you to buy) something and all yelling into your ear something you don't want to understand. Give me an AK-47! Rats!
My very own blog was nice and calm until heavy spam started some day. The spam made it into my moderating queue even though I required posters to be registered. The only valid option left was to close down comments and trackbacks - which didn't hurt since hardly anyone cares for my site, but still, this is about freedom.
Since's vowe's site is so nice I believed he has found the secret cure. Obviously not. *sigh*
First the selling hordes messed up the global E-mail system.
Now they're after the blogs. It almost makes you wish there were
two internets -- one for the sane people, and another for the
whacko's who will do anything to "reach" a large audience.
Volker, I don't know if you have a similar problem in Germany,
but the amount of physical junk mail that we get here in
California is absolutely obscene as well. I find myself filling
a paper grocery bag (equivalent to about maybe 6 liters?) about
every two weeks with paper to be recycled.
People talk about trying to make it computationally expensive
to send E-mail. Perhaps the same thing will eventually have to be
done for posting to a blog, for example. Make someone sign their
message using a ridiculously long key so they need a fast computer
to post. Perhaps the keying requirement is reduced for people who
have established an identity? I don't know -- one way or another
this kind of thing has got to be stopped.
I guess the most effective way would be to educate the average user on the web how to evaluate the content s/he sees. If most of the users were able to distinguish junk advertising, spam comments or trackback trying to get them to their website, the effect of such measures would decrease and so would the occurence of the phenomenon.
Unfortunately, currently there are way too many people who can't distinguish this kind of junk from proper content. Reportedly, the leading traffic generators to commercial websites are exactly these things (starting from banner ads all the way to comment spam, etc.). An this change in the user behavior is probably more a question of decades (i.e. generations) rather than years or even months.
I don't believe in making the internet more expensive, access for users has to be easy so everyone can participate. The cost to send a mail or blog entry would only hurt those who sincerely want to post. I think it was on heise where I read that in most cases of spam organized crime is behind it - and those guys surely do have enough money. After all, the paper you recycle doesn't come from people whose writings you enjoy to read either, but from large companies with budgets large enough to drown you with advertisement.
In my eyes, what we need is more police for the internet because it no longer is a seperated world that can be neglected. Most of all, we need to hunt down those zombies and those who set them up. Today our cops are busy with hunting down child pornography and they don't even have enough ressources to do this job up to a satisfactory level.
Besides criminal investigation I also see two other means that could work: licencing and fines. Everyone who wants to drive a car on a street needs a licence to do so. Why not for the internet highway? You'd go to a class teaching you the importance of software updates, text only email messages, no binaries from unknown sources, etc, and once you're done with the test you get the licence.
The same way you need a licence for a car you should also be fined when you don't follow the rules like when speeding. Those people running infested computers should be fined for their carelessness; with the money gained more cops could be paid and they may think about calling a technician earler the next time their computer behaves weird.
Full agreement with Ragnar here. =) I guess my concept just takes it one step further...
I have this too, albeit at a somewhat lower volume (though there's no 15 minute throttle here either). I have dealt with the most egregious abusers using blacklisting and one or two other techniques but I feel your pain nonetheless.
Volker, please don't succumb to the temptation to close vowe.net - it's one of the few essential Internet places on my personal list.
Andrew, the problem with these bots is, that they are being run for a reason. One is mail harvesting, the other is content theft. The mob has started to clone websites to make money through google ads.
There has been a lot of spam going around lately. My site, which is hardly well known, suddenly got inundated last month with comment spam, about 15 comments every hour, all hours.
They all got stuck in the moderation queue, but it was really boring to wade through them for the few legitimate comments.
So being a Wordpress user, I've activated Akismet, and hey presto - auto-spam-classification is active. And very reliable too, I've not had to intervene a single time since then.
Funny enough, the spam stopped a few days later.
Alex, I can confirm the reliability of Akismet for WordPress. It works fine for me, too. But it's only a question of time when Akismet is hacked by these brainless parasites ...
Cem, they are not brainless. But parasites they are.
I need to clarify. I do not receive 1000 spam comments a day. I receive zero. But there are 1000 attempts.
Ham or Spam? 93% of all comments are spam says Akismet. Insane.
Going after the spammers is futile. If the organization pedalling the goods had to pay a fee for every spam email or spam posting leading to their site, then the practice would stop pretty quickly.
All we need are the laws and a few simple utilities that detect spam and send invoices.
James, you are from Canada. You should know that laws stop at borders. :-)
