Fighting Spam – A Better Way
Not too long ago I wrote about what it was like to be a blogger in the early days. The main difference? Scarcity, and spam. Spam just didn’t exist then like it does now.
As anybody who runs a blog can tell you, spam is out of control. It wasn’t so bad when I had my own custom code, but that all changed when I installed WordPress. I started getting spam before I even turned the WordPress version live. After that, it increased by about 45 or so messages per day. Something had to be done.
The first step was installing Akismet. That managed to catch those 45 messages / day and mark them as spam, but they still sat there in my database until I could delete them. That’s clearly not optimal.
Thankfully, I remembered what Jeremy does on his blog. You saw this on the old dotCULT too. Up until now though, I’ve had no idea if it worked or not. Guess what, it works great!
So what is it? It’s the “type Ryan here” box on the comments form. Since I installed that, I’ve gotten only 1 spam comment (and it was a trackback from a spam blog) – much better than the 45 I was expecting.
So why does something simple work so well? And what about captchas, mathchas, and kitten auth schemes?
Well, it seems the key to the “type Ryan here” isn’t that it’s easy for a human and hard for a computer. It’s that it’s specific to dotCULT. In other words, it doesn’t make sense for somebody to code their bot to type Ryan into forms if it will only work on one website. The reason these bots work so well in the first place is because thanks to WordPress, all the comment forms are the same.
Try it out on your site. All you have to do is make a change to the standard form (and make it required). Unless a spammer is gung ho on spamming just your site, you should see your spam signficantly drop off.
January 22nd, 2007