This is a short non-mining topic but it’s something I found interesting when writing a WordPress blog. Spam and bots are everywhere.
I started this little WordPress blog a few years ago and enable the readers to comment on each blog as well as subscribe. Well lo and behold it didn’t take long for the spam to start arriving. Both the commenting and subscribing are affected
The image below shows the typical spam that I would get in the comments section. Even though commenting requires one to enter an email address in order to post, this type of spam still sjows up. It took a few weeks for it to start but at times I would be getting 5 to 10 of these spammed “comments” each day. It’s not like my blog has a lot of followers or comments, but it still ended up a target to the bots or spiders or whatever else that is roaming around the web.
The first solution is to turn off automatic commenting to prevent comments from being posted immediately on-line. I switched to moderated comments whereby each comment needs to be manually approved by the administrator before being posted live. However after being continually asked to approve a lot of pending spam comments, it got tiresome. The next solution was implementing the CAPTCHA (see image below).
WordPress has various plug-ins designed to limit spam. One of the simpler solutions is to add a “captcha”, which is the little box where you need to type in a word or number. This is designed to hinder the automated spam-bots. CAPTCHA is an acronym for “Completely Automated Public Turing test to tell Computers and Humans Apart”, a great acronym.
After five days of using the captcha, I have received no new spam and weeks later still none. However this won’t stop any manual spamming, so that will be the next thing to wait for. It’s interesting to see how much unproductive technical energy is being expended out there in cyberspace.
The next thing I noticed was that my subscriber list would grow enourmoulsy. These new subscribers were all pending, meaning they did not confirm their subscription via a return email. So it seems some bot is creating accounts, possibly sending out request-for-confirmation emails to people who never signed up. For a while I shut off the subscribe box, but recently re-started it to see if it continues.