[an error occurred while processing this directive]
Posted by HeatPro on December 14, 2008 at 18:42:23:
In Reply to: Re: Boilerroom.com Message - Heavy Spambot Attacks posted by HeatPro on December 14, 2008 at 15:32:00:
Simply take your normal textarea comment box (which looks like this):
... and use JavaScript to write it to the browser instead:
document.write('');
That's it! Why does it work? Simple. The comment spam you get on your blog isn't left by "real" people. The comment spammers write scripts that automatically scan web pages for a text area field and a form.
They use PHP and automatically post to the form, filling the textarea with their spammy content, which then appears on your comments list.
By outputting the tag using JavaScript, when they look through your page for a tag they wont find one and therefore wont run the part of their spamming script that says "Ahhh, we've found a form with a text box. Let's fill it with our spam links and submit the form.".
The JavaScript outputs the tag in 2 separate lines of code, so the spammers script will never find the phrase "" on your page.
This solution is simple, elegant and sure beats the hell out of making your visitors type in hard-to-read CAPTCHA text every time they want to leave you a comment.
If you don't run Wordpress and can't run Akismet on your blog then give this a try. In 99.9999% of cases you wont get any computer-generated comment spam ever again.