Introduced to Comment Spam? Solution: die();
June 25th, 2006 by SecuriTeam, Filed under: Web, Commentary, Spam
i just saw marco van hylckama vlieg’s blog. apparently, his blog used to be a pretty quiet place up to about 2 weeks ago, when his hosting pulled the plug as he was eating too much cpu.
apparently that happened due to spammers hammering his site with post requests.
he quickly came up with this temporary solution:
if($_server[’request_method’] == ‘post’){
die();
}
he discusses his experience quite intelligently. it’s worth a read.
me? regardless of the comment spam issue i think he needs to find better hosting. 
gadi evron,
ge@beyondsecurity.com.
-
Scan your web site for vulnerabilities with a Vulnerability Scanner - Be Safe!
Subscribe
Subscribe
I don’t suggest any specific hosting, beyond not being with one of the many who will take you offline because you have too many processes or CPU usage, or they say you do.
They can call you rather than bleed you dry.
Well, than I suppose you are right.
How’s it going with the comment spam itself?
Comment spam is coming in at several attempts per minute. Trackback spam is on a steady rise as well. Luckily I’ve got hardened trackback, a concept I sort of invented myself, in my blogging tool. For now this blocks all trackback spam.
This spamming thing is a continuous process going on 24/7. I don’t even want to think of how much bandwidth and resources this is wasting. It’s sickening really.
Hey Marco, that’s very cute! I like it!
Still, adding Javascript to everything seems a bit problematic? As long as it works.
A known approach you may want to try is to check whether your URL actually exists on the web page issuing the “ping” for the trackback.
BTW: did you get my email?
My last comment got ‘eaten up’ by your spam detector I think…
Just a followup (hoping this one comes through)
There must be two comments from me in this thread stuck in your queue. They were blocked when I posted them.