Kill Comment And Trackback Spam
By Ian Scott
For a long time, spam was pretty much associated only with email. Now that blogging has become so popular, especially with the ability for readers to leave comments or other bloggers to send what is called a “trackback,” spammers have found new ways to be a major annoyance.
Generally, the goal of these blog “comment” and “trackback” spammers is to get their website URL on the blog. This does a couple of things for them. Obviously the first is that on blogs with heavy traffic, people will come across the link and click on it.
Secondly, they are counting on search engines picking up their links on blogs, and possibly giving them a higher ranking because of “link popularity.”
There are a number of solutions to the spam problem – some more effective than others. On comment sections, having a dynamically generated series of letters and numbers that the commenter must enter before the comment is accepted is one effective method.
This works because comment and trackback spammers use automated “robots” to do the spamming, and so far these robots are unable to read the series of characters generated “on the fly.”
Trackbacks are a different problem, however: by their very nature, there are no human eyes looking for confirmation characters before the trackback is sent.
A firewall could be used if the host that is sending the spam comments is known. As well, using an .htaccess file works for hosts that are regularly spamming a particular blog.
However, both of these methods can only really be used AFTER the spam has started. There is a better way, thanks to the Shinn Brothers at Got Root?.
They have created blacklist rules which may be used with the ModSecurity module for the Apache webserver. If you maintain your own server, you really ought to look at ModSecurity as a web application firewall regardless of what other firewalls you use. Many web attacks use the SSL protocol, which is encrypted, thereby making any other type of firewall or intrusion prevention system ineffective. ModSecurity runs inside Apache, so it sees each request after it has been decrypted.
If you’re using ModSecurity, it’s just a matter of loading the Shinn brothers’ rules, and I promise you that you will see a significant decrease in trackback spam.
If you’re hosting your blog with a provider, you might want to mention ModSecurity to them, along with the rules that they can use to help you stop comment and trackback spam dead.
Give it a shot – I know that in one day of use, the rules have already made my job of deleting trackback spam very easy. I’ve not had to delete any! Going through my audit log, I can see the numbers of trackbacks that I used to get are being prevented with the spammer getting an “Internal Server” error.
Once you get this set up, send a thank you note over to the Shinns!
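To run the same check described above (blocked trackbacks showing up with an “Internal Server” error), here is an added example that is not from the original article or from the Got Root rules: it tallies trackback POSTs per client from Apache access-log lines, separating those denied with a 500 from those that were accepted. The trackback paths and the sample log lines are assumptions constructed for illustration; adjust the paths to your blog software.

```python
import re
from collections import Counter

# Apache common/combined log prefix: client, timestamp, request line, status.
LOG_RE = re.compile(
    r'^(?P<client>\S+) \S+ \S+ \[[^\]]+\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+)[^"]*" (?P<status>\d{3}) '
)
# Assumed trackback endpoints (Movable Type and WordPress style paths).
TRACKBACK_RE = re.compile(
    r'mt-tb\.cgi|wp-trackback\.php|/trackback/?(?:\?|$)', re.I
)

def summarize(lines, blocked_status=500):
    """Return (blocked, accepted) Counters of trackback POSTs keyed by client."""
    blocked, accepted = Counter(), Counter()
    for line in lines:
        m = LOG_RE.match(line)
        if not m or m["method"] != "POST":
            continue
        if not TRACKBACK_RE.search(m["path"]):
            continue  # a 500 on some other URL is not a blocked trackback
        status = int(m["status"])
        if status == blocked_status:
            blocked[m["client"]] += 1
        elif 200 <= status < 300:
            accepted[m["client"]] += 1  # worth a manual look: got through
    return blocked, accepted

# Constructed sample lines (documentation IP ranges, made-up paths and times).
SAMPLE_LOG = [
    '203.0.113.7 - - [12/Mar/2005:04:11:02 -0500] "POST /mt-tb.cgi/214 HTTP/1.0" 500 604 "-" "-"',
    '203.0.113.7 - - [12/Mar/2005:04:11:03 -0500] "POST /mt-tb.cgi/215 HTTP/1.0" 500 604 "-" "-"',
    '198.51.100.23 - - [12/Mar/2005:04:15:40 -0500] "POST /mt-tb.cgi/214 HTTP/1.0" 500 604 "-" "-"',
    '192.0.2.44 - - [12/Mar/2005:09:02:17 -0500] "POST /mt-tb.cgi/220 HTTP/1.1" 200 78 "-" "-"',
    '192.0.2.91 - - [12/Mar/2005:09:05:00 -0500] "GET /archives/000220.html HTTP/1.1" 200 15320 "-" "Mozilla/5.0"',
    '192.0.2.91 - - [12/Mar/2005:09:06:30 -0500] "POST /mt-comments.cgi HTTP/1.1" 500 604 "-" "Mozilla/5.0"',
]

if __name__ == "__main__":
    blocked, accepted = summarize(SAMPLE_LOG)
    print("blocked trackbacks by client:", blocked.most_common())
    print("accepted trackbacks by client:", accepted.most_common())
```

Clients that appear only in the blocked tally are the ones the rules are stopping; anything in the accepted tally is either a legitimate trackback or spam the rules missed.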