Comment Spam, What is it? Why do I care?

Discussion in 'Security' started by KH-DanielP, May 10, 2013.

  1. KH-DanielP

    KH-DanielP KH-COO Staff Member

    Hey Guys & Gals,

    I just wanted to cover a topic which is very common to a lot of our customers and can cause random high load spikes, sluggish site performance and a whole ton of spam for our customers to sort through and delete from their sites.

    So first off, let's put a definition to it.

    Comment Spam:

    This can be considered many things, from that random post on your website trying to sell Viagra to massive link submissions to your sites by automated bots or crawlers. All of the unwanted traffic out there that causes your site to become toxic if it's not taken care of.

    Now you may be asking why do I really care about it? I just go and delete the comments and don't approve them, it doesn't take me much time at all.

    One thing to consider with comment spam is that each time one of those bots posts or attempts to post spam to your website it is consuming your resources. Not only does it use your bandwidth, but it also consumes CPU, RAM and Disk I/O each time they call a script to attempt a post. This can lead in certain scenarios to your VPS running out of memory at which time it may corrupt your MySQL databases or cause your services to be killed off to maintain the stability of your VPS. We call these OOM (Out of Memory) events.

    So now you might be thinking that's pretty bad, what can I do to stop it?

    Well, thankfully, the internet being the internet, many people have banded together and formed collaborative efforts to help combat this. Below I will cover a few things that can be done to help protect your site and server from these bots depending on what type of software you're running.

    First up, let's cover WordPress.

    By default now WordPress comes with a plugin called Akismet. What this plugin does is scan the posted comments to see if they are spam or not, and if they are by default it requires you to approve or deny the comment. While this helps to keep your site clean, it does not help with resource usage as they are still being allowed to "post" the comment which consumes those resources.

    There are two plugins for WP that can combat this at a much earlier stage.

    The first and the one I personally recommend is AVH First Defense Against Spam: http://wordpress.org/extend/plugins/avh-first-defense-against-spam/

    This plugin matches a user's IP with several databases including http://www.stopforumspam.com, and if it finds a match it can be configured to completely deny that IP from loading your content, as well as registering to post comments, or if comments are open, it denies them the ability to post a comment. This system reduces your overall site footprint and resource consumption by not allowing a spammer to even complete the posting process, thus saving MySQL queries and CPU load.

    The second plugin takes a similar approach, Stop Spammer Registrations: http://wordpress.org/extend/plugins/stop-spammer-registrations-plugin/

    This plugin works similarly to the way that AVH works; however, it does not block all content delivery, but it will compare against multiple sources including http://www.stopforumspam.com to stop a spammer from registering or posting if their IP address matches the list.


    "Great, so you've talked about WordPress, but what if I don't use that?" Well, here are solutions for a few other popular pieces of software.

    Let's talk about xenForo next.

    xenForo has a plugin to accomplish what we want. It's called, oddly enough, Stop Forum Spam: http://xenforo.com/community/threads/stop-forum-spam.5417/

    This plugin is also included in XenUtiles: http://xenforo.com/community/resources/8wayrun-com-xenutiles-tools.104/

    What this plugin allows you to accomplish is to select several metrics in which to deny a registration to your forum, matching by their email, IP address or username and then deny them registration. This is a good way to protect your site, and while it may not get all of the spam, it significantly cuts down on it.

    But you didn't talk about the software I use?!

    To answer that question I would direct you to http://www.stopforumspam.com and take a look at their Modules and API section. They have a very good list of different plugins and modules for all types of software including vBulletin, phpBB and many others.

    Comment spam can be very aggravating to deal with as we have seen bot networks come and go; they will target a site for about 10-20 minutes, driving that customer's load up to 50+ and then disappear only to return again the next day. Using plugins such as these will help reduce the overall impact they have on your servers and your time. After all, who wants to spend hours cleaning up a bunch of spam!
     
    Jean Egan, KH-Tyler and Big Dan like this.
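
Added example, not part of the original post and not code from any of the plugins named above: a minimal sketch of the early-deny approach the post describes, where the IP, email or username is matched against a blocklist before the comment handler touches the database. The `SpamGate` class, the `handle_comment` function and every blocklist entry are hypothetical and constructed for illustration.

```python
import ipaddress

# Constructed blocklist: documentation-range IPs and made-up identities.
BLOCKLIST = {
    "ip": ["203.0.113.0/24", "198.51.100.7"],
    "email": ["bulk-poster@spam.example"],
    "username": ["cheap_pills_4u"],
}


class SpamGate:
    """Allow/deny decision taken before any comment or registration code runs."""

    def __init__(self, blocklist, metrics=("ip", "email", "username")):
        self.metrics = set(metrics)  # which checks the site owner enabled
        self.networks = [ipaddress.ip_network(n) for n in blocklist["ip"]]
        self.emails = {e.lower() for e in blocklist["email"]}
        self.usernames = {u.lower() for u in blocklist["username"]}

    def check(self, ip, email="", username=""):
        """Return the name of the metric that matched, or None to allow."""
        if "ip" in self.metrics:
            try:
                addr = ipaddress.ip_address(ip)
            except ValueError:
                return "ip"  # unparsable client address: refuse rather than guess
            if any(addr in net for net in self.networks):
                return "ip"
        if "email" in self.metrics and email.strip().lower() in self.emails:
            return "email"
        if "username" in self.metrics and username.strip().lower() in self.usernames:
            return "username"
        return None


def handle_comment(gate, request, database):
    """Run the gate first; only clean requests reach the (costly) database write."""
    reason = gate.check(request["ip"], request.get("email", ""), request.get("username", ""))
    if reason:
        return 403, reason
    database.append(request["body"])  # stands in for the MySQL insert
    return 200, None


if __name__ == "__main__":
    db = []
    gate = SpamGate(BLOCKLIST)
    print(handle_comment(gate, {"ip": "203.0.113.45", "body": "buy now"}, db))
    print(handle_comment(gate, {"ip": "192.0.2.10", "body": "nice post"}, db))
    print(len(db))
```
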
  2. Big Dan

    Big Dan New Member

    I had not heard of AVH First Defense Against Spam. I'm off to check that out. :)

    XenUtiles also has a neat profile spam finder tool. It finds links on profiles. A lot of spammers register but never post and just have their link in the homepage or signature field.

    vBulletin has a Spam-O-Matic plugin which is really good. It goes up against a few databases; one of them is SFS. http://www.vbulletin.org/forum/showthread.php?t=248042

    I also stick CloudFlare in front of most sites. It helps with the malicious traffic.
     
  3. alfie.

    alfie. New Member

    Big Dan likes this.
  4. KH-DanielP

    KH-DanielP KH-COO Staff Member

    Alfie,

    Thanks for the extra links. I'm by no means an expert when it comes to all the various software out there so the more input the merrier!
     
  5. JenniferEklund

    JenniferEklund New Member

    Thank you for this post!
     