DISQUS

louisgray.com: louisgray.com: I Woke Up to My First Disqus Comment Spam Attack

  • centernetworks · 1 year ago
    i am using mollom now on cn and it's doing fairly well, apparently we get more than 1 spam every second of every day - i hate it
  • Rishabh Mishra (possible248) · 1 year ago
    Thanks for the heads up. I think I'll have to fiddle with my Disqus settings to make it tougher for spam.
  • n8k99 · 1 year ago
    i've had the same thing happen with askimet, spam is just a matter of statistics- enough perserverance and eventually someone finds a way through.
  • alfredwesterveld · 1 year ago
    I am also planning to have a blog, but I think I will not open up comments that easily. If no account with me, then you should enter a captcha. Otherwise bots could just enter crap at your site ...
  • Vic Podcaster · 1 year ago
    Not user if DisQus folks are using an IP based DELAY filter for subsequent comment submissions from the same IP address. Typically SPAM bots use the same IP address and try to dump the hope SPAM load in a period of time before moving on.

    On multiple comment submission attempts from the same IP address, a machine challenge or simple comment rejection and banning that IP for say a 24 hour period should work great.

    The normal folks just dont submit 20 comments at a time - this is simply not human behavior - and could be used to identify spam.

    My 2 cents. I am sure DISQUS has lot of smart folks.
  • kf6nvr · 1 year ago
    Wow, I hope this doesn't start happening to me. I chose to go with Disqus to avoid this problem entirely.

    @Vic: On the note about the "same IP address" -- that's the whole problem I had before Disqus. I'd get hundreds of spam comments in a day, each from a different IP address. Occasionally, a few would match the same IP address, but it was so completely spread out that I could just start blocking by IP. In fact, MovableType will automatically block by IP address if it gets more than a couple in a short period of time, so the spammers must rotate IP addresses to keep getting through.

    The worst part about comment spam? It's worth their time. People click on their spam and buy their products. Erg.
  • Vic Podcaster · 1 year ago
    @ kf6nvr I believe you need TCP to leave a comment. TCP needs a 3 step handshake from a source IP address before even the communication can begin - something the spammers can't do - they need to maintain a TCP session before the communication can begin.

    DisQus team: please correct me if I am wrong (read ignorant) and if you can also use UDP as transport for commenting.
  • alfredwesterveld · 1 year ago
    Hi Vic,

    If you learn Computer Science you know that it's possible to fake an ip-address. It's possible so that disqus thinks that packet comes from a.b.c.d while the spammer has ip address b.a.c.d or something. Offcourse Disqus can't sent information back to spammer.
  • Phil Harnish · 1 year ago
    From what I understand, Disqus uses akismet, among other things.
  • mrshl · 1 year ago
    I use it on three blogs, and I think I've had maybe 2 spam comments. I don't come close to your traffic, though.
  • elliottng · 1 year ago
    Can someone confirm that Discus uses Akismet?
  • Devin · 1 year ago
    We do in fact use Akismet.
  • Louis Gray · 1 year ago
    Devin, thanks for confirming that Disqus works with Akismet. It's always good to learn how services work, and to see official confirmation. Hope you're enjoying your first month at Disqus.
  • Anthony Farrior · 1 year ago
    I cut off askimet b/c was too fanatical. Lately though i have been recieving a lot of comment spam...Maybe there was a spam convention lately :D
  • sarahintampa · 1 year ago
    I haven't had this yet (knocking on wood) but that stinks! I hate things I have to do one-by-one, manually...ugh.
  • Mike · 1 year ago
    Would be great if you could flag comments as spam and have mass-edit tools to deal with them.

    That's how I used Akismet, at least.
  • edythe · 1 year ago
    accck. if only they did not have to be deleted one by painful one...
  • Zach · 1 year ago
    Wow! To start by answering your question; I am indeed a Disqus user and no, I've never had an experience like this. In fact, since switching to Disqus I've not had a single spam comment slip through. Maybe one but I'm not positive it was spam - maybe just a very confusing comment. ;)

    Mind you, prior to switching I would get anywhere between 3,000 and 7,000 spam comments per week. No I'm not that popular; it was merely a matter of good SEO and the fact that I'm an apparent spam magnet. Akismet would typically let around 20/week through so I doubled up with captcha and I was ok after that. One of the many things I always found fantastic about Disqus is the lack of spam.

    Did you email them? Curious to hear/see their response. Great bunch of guys by the way...
  • Vic Podcaster · 1 year ago
    Reading the whole thread it looks like that DisQus has a very good system, and it so happened in Louis's case someone found a whole in the system and exploited it briefly.