I’m Being Flooded With Spam Comments

Steel White Table is was being flooded with spam comments from someone using a program to automate the task. The origin’s IP address changes occasionally to no noticable pattern. I may have to shutdown commenting until further notice.

Update (an hour later): It appears someone has been planning this since at least September 11 around 1am, with my server being bombarded with hits, possibly causing Denial of Service (DoS) (I wouldn’t know since I’m never on at that time, and no one informed me otherwise). Since then the source has been hitting my server continually, sometimes every couple of seconds, sometimes every couple of hours. This evening they started inserting a spam comment every 10-15 seconds into all posts on Steel White Table.

This site uses WordPress which has been excellent at filtering spam; however, spam comments are merely flagged as being spam; they’re still inserted in my database, where I can approve or delete them. I need a way for users to verify legitimate comments as they enter them. I’m thinking about implementing a security-type function that’s becoming common: entering the letters or digits displayed in a random image, posting the comment only if what’s typed matches the image’s characters.

When I tried banning the IP culprit, it switched to another IP, so that obvious solution wasn’t helpful.

Anyone have suggestions?

10 Replies to “I’m Being Flooded With Spam Comments”

  1. I wish.

    My server is still being scanned by the assailant: it’s systemically trying to access random pages, trying to insert its spam into a comment. I prevented the spam, but I suspect it’ll be temporary.

    Why me?

  2. do the image thing for posting comments, and if the user doesn’t enter the text correctly, ban them from posting for an hour or something, to deter this thing. however, there ARE programs available that can read those images and get the text from them. i know cause a friend of mine has such a program built into a little auto-player for an online game we play.

    and if the little turd starts DDoS’ing you, there’s sadly not much that can be done about it other than shutting the server down for a couple days till he gives up…

  3. Are you able to find the physical location of his/her IP address? I’ll go knock on their door and I guarantee they’ll never spam you again (unless it’s a hot chick; that’s the only attack mechanism that I’m not able to fend off). I’d say they picked a poor target, wouldn’t you? I mean, there’s a load of IT professionals on this board and a few of them know quite a bit about hacking too! Let’s reverse-hack…

  4. The IP’s are most likely zombies, so tracking them down probably won’t lead you to anything other than some newb user going “huh, spam?” cause their PC was owned by a script kiddie. :(

  5. not necessarily(sp?). some are spoofed, but more often than not you can trace them to a real PC somewhere, with the ISP’s help, and the user will not have a clue that their PC was being used as a trojan zombie, or for any other stupid reason. That’s how DDoS works, they need tons of PC’s that are all hitting a server at the same time. zombie PC’s.

    I was DDoS’d before over an online game, and found out quite a bit about this crap during that time. I was too cocky for my own good, and some bastard brought my internet connection crashing down. Rogers doesn’t make it very easy for you to get a new IP either, so you’re stuck waiting a week with internet that’s slower than dialup…

Leave a Reply

Your email address will not be published. Required fields are marked *

*