Blog Archives

Wishing For Spam Free Hosting

Are You Wishing For Spam Free Secure Hosting

Do you wish you could host your WordPress blog (self-hosted) where spam wasn’t a problem, where hackers couldn’t damage your site, where your host took effective steps to keep spammers and hackers away from your blog?

Are you fed-up with all the spam and hacker attacks from China, the former Soviet states and other notorious regions, the sharply rising level of cyber-attacks from the middle east and northern Africa?

Are all the hacking attacks and login attacks from hacked web sites and bad-host web-servers giving you grey hairs?

Read the rest of this entry

No Website Url Less Spammers

Removing Website URL from Comment Forms Stops Spammers

Another way to stop spam comments – get rid of the website URL in comment forms. We’ve finally got rid of nearly all spam comments on Although the site was already protected by Project Honeypot, and comments use a CAPTCHA challenge, we were still getting a lot of spam. no comment spam links thumbnail imageInstead of switching to RECAPTCHA with it’s more difficult text, we looked for another way to reduce successful spam comments.

The common factor to all spam comments was the inclusion of a homepage URL in the form field. The thinking was; if there’s no field for the URL, then spambots may fail as they can’t finish their job. Without a homepage URL field, manual spammers may be discouraged from posting rubbish as well.

Read the rest of this entry

Extreme Spam Control

Taking Spam Control to an Extreme Level

extreme spam control thumbnailWe took spam control to a ridiculous level. As an exercise in discovering just how effectively spam can be blocked with WordPress it’s been an interesting exercise. We looked at the 4 main types of spam one is likely to see on their blog; comment spam and trackback spam, spam registrations and finally e-mail spam from contact forms.

The site chosen was our WordPress information site. A few months back a plugin support forum was added to the site, and public registrations allowed. Almost immediately there was a spate of spam registrations – “visitors” registering an account. Most were bots. How do we know? Well, the only link to the registration form is from forum pages, and only a few registration attempts came from one of these referrer pages – the others all arrived at the form directly, without visiting the site at all.

Read the rest of this entry

Bork-Edition User Agent

Opera User Agent “Bork-Edition”

bork-edition spam bot iconHave you seen Bork-edition user agent strings? Wondered what browser uses this string? Maybe noticed nearly all traffic to your site with Bork edition in the user agent string is spam and hacking attempts. User agents with Bork-edition are considered by at least one writer among the top 10 spam bots that must be blocked.

There’s several user agents which on first glance look harmless e.g. user agent string Mozilla/4.0 (compatible; MSIE 6.0; MSIE 5.5; Windows NT 5.0) Opera 7.02 Bork-edition [en]

Read the rest of this entry

Weird Spam by E-Mail

Nonsense Spam

Just when I thought I’d seen it all, I get some really weird spam e-mail from a webform response. Every possible field filed in with a website URL, or nonsense text. And there are lot’s of fields. Stranger still, the mail form responds to a promotion that ended in October last 2011…

Email: wxgokb@

First Name: zmcpff
Last Name: zmcpff
Company: zmcpff

Bus Tel: 5283678809
Cell: 2194836070

Post Address L2: http: //
Suburb: http: //
City: New York
Code: 9804

Street Address: http: //
Street Address L2: http: //
Suburb: http: //
City: New York
Code: 9804

Ownership Type:  Self Employed (Sole Trader)
Business Sector:  Clothing/Textile

Employees: 1-3

Description of Business: Gog0rh <a href=”http: //”>geqsrfadufdz</a>http: //]chxxwqcqcloy, http: //, http: //

Read the rest of this entry

Fix this Message – Fake Warning

Another Spam Scam – Fix this Message

“If you are the owner of the site, you can fix this message by publishing…” is appearing all over blog comment forms. The spammer would have the blogger believe there is an error message somewhere on the site, and publishing the contents of the comment will some-how fix the supposed problem…

Mysteriously fix the Error Message

fix it button graphicPublish the comment and the problem with the site is gone! Wow – as easy as that. No checking code files or testing plugins, all your problems are solved if you are the owner of the site…  Publish the comment and you can fix this message. So simple.

Of course this is a spammer trying to get the link to some trash site published, hoping to attract click-throughs to the site, hoping to sell some rubbish product like cheap black-market Viagra or install malware on the visitor’s computer, steal personal information such as your banking details. Are we really that naïve – I don’t think so.

Read the rest of this entry

Seriously Spam Comments

Spambot – Check the Names and Websites

Spambots getting better? This spammers auto spam-bot message is almost convincing. I had to stop for a moment and think; almost started moving the mouse to find the list of e-mail subscribers when I remembered something – the posted name and website link was not one of the available sign in services (WordPress, Facebook, Twitter), so how did this commenter manage to subscribe by e-mail when leaving  a comment.  SPAMBOT

It nearly got published – It is still a bit early for me, I don’t function too well until I have seriously diluted the blood level in my caffeine stream, even the eyes don’t see too well until caffeine overtakes the red cell concentration, and almost missed the “great site dod” intro and the spam terms “cheap” and “viagra”.

seriously spamming
Read the rest of this entry

No Link in Spam Comments

Where are the Spam Comment Links?

I have recently come across a trend that makes no sense whatsoever. Spam comments on with a non-existent backlink. We all know moronic spammers try to post comments on for backlinks to their trash websites, so why are they posting bad links?

Take a typical spam comment, a line or two of badly written English, an email address if required – useful to check if an apparent borderline comment is spam. At least one outgoing link, even if only in the ‘website’ field. It looks like spammers have finally realised many blog authors activate the “mark 2 or more links as spam” setting.

Checking another blog’s spam folder  today six of these were found (out of a total of 16 spam comments; a high percentage. I could see from site visits on the days the so-called comments were posted these were almost certainly spambot generated; comments on posts that had not been viewed for several days before and after. (more…)