I've been getting lots of comment spam with no content. It's just gobbledygook, with links that don't reappear and with no consistent IP, so I can't block it with IP banning or with MT-Blacklist. I've decided to close off comments on any entries that seem to be getting this problem, since it seems to be targeted to specific entries. I had to delete hundreds of comments among the three Ektopos blogs a couple days ago. The problem resumed this morning, and I caught it before it got bad, but I've had to close more comments threads. Most of them are posts with no comments and no expected comments, but if it turns out an old post has closed comments and you'd like to commnt, let me know, and I'll open it again to allow you to comment and then close it again if it turns out the gobbledygook bots are still targeting it. I can't think of any better solution. I refuse to close off comments to all old posts, and I'm not happy about screening comments before they get posted, if I can even do that with MT (I don't know how to do it if it's possible).
Jeremy,
Have you considered using James Seng's Captcha(Scode) plug-in? Essentially, it forces each poster to enter a security code(displayed as a graphic) before being allowed to post. Even on my low-traffic blog, I get enough spam that I'm thinking about doing this.
Some other spam fighting ideas can be found here :
http://www.elise.com/mt/archives/000246concerning_spam.php
Anything like that is up to the host of the blog. That might solve the problem, but I can't implement it. I'm looking at that site. It has a couple tips I may be able to implement. I'm trying the "force preview" option first.
We have the Scode plugin installed. Jeremy will need to edit his template files.
I used the code at the linked site, and it seems to show up, but it gave the same number to type for the same entry I had just left a comment at three times in a row, and it doesn't matter if you type it in anyway. So something's not right about how I've done it. Are there explicit instruction somewhere about where to put the code? Or could it be this problem, in which case I can't fix it myself?
All you should need to do is add the security code snippet to the following templates.
- Individual Entry Template
- Comment Listing Template
- Comment Preview Template
- Comment Error Template
I've already done this at Prosblogion and it seems to be working.
The stuff I read said that it doesn't need to be in the first two templates you read on a blog with forced previewing, but I've added them anyway, and it still allows the comment to go through without typing in the number.
You've put the code snippet in the wrong place. It has to be within the form tags right before the preview and submit buttons.
In the above templates, just before the submit button line which begins
<input type="submit"
add the following block:
<!-- Security Code Check -->
<input type="hidden" id="code" name="code" value="<$MTSecurityCode$>" />
<img border="0" src="<$MTCGIPath$><$MTSecurityImage$>?code=<$MTSecurityCode$>"><br />
<input tabindex=3 id="scode" name="scode" /><br /><br />
<!-- end of Security Code Check -->
I've fixed that now, but it didn't work. I even went back and removed the changes I'd made to force previewing, and that didn't fix it. It shows what it's supposed to show, but you can submit a comment without typing in the number it shows. I tried editing the OrangePhilosophy templates also to see if it was something particular to my blog, and that doesn't work either, so I must still not be doing something right. Are you sure it's immediately before that line in all four templates?
It should be working now.