The Spammer Menace
I am a man of very few words. Instead of subjecting you all to my limited vocabulary yet again, I thought I would try creating a movie for my DevBlog entry tonight. Nothing amazingly in depth or detailed, but as a geek I am extremely proud of what can be accomplished on a whim. I hope you enjoy ‘The Spammer Menance’ and the two new extensions…
And after watching the movie (you did watch the movie first, right?), I present to you the Comment Spam Prevention extension, which is an update to my old Spam Prevention extension but with updated code and the new ability to download the pMachine.com Blacklist once a week automatically. I have been using the original extension and the Blacklist module continuously for the last year, and I have only received two comment spams in that time. A powerful combo, so I felt that by adding in the ability to automatically update the Blacklist, it would insure that everyone was up to date with one of the best tools for protecting your site.
Also, I present to you the Form Tag Encoder extension, which takes the input from the $FNS->form_declaration() method and encodes it with javascript. That method is used in all of the core ExpressionEngine modules to create <form> tags and their corresponding hidden fields, which includes the field for the Secure Form Hash. With the increase in bot activity and viciousness, it is becoming apparent that there are bots loading ExpressionEngine pages and parsing out the Secure Form Hash for their own nefarious spamming purposes. This extension makes their job a magnitude more difficult. Not impossible, but it went from fairly easy to extremely hard. Over time, I intend to update the encoder in the extension to increase the level of difficulty. The only downside to this extension is that it requires that the user have javascript enabled in their browser to submit forms on your site. NOTE: Requires ExpressionEngine 1.5.2. UPDATE: The Form Tag Encoder extension has been removed due to problems with Internet Explorer.
The spammers are pathetic, assholes who are wasting our time and bandwidth, so I hope these help while we work on ExpressionEngine 2.0, which should have even spiffier anti-spam abilities.
p.s. Many thanks to Darel Rex Finley for his Star Wars TSG application. It rocks and helped me waste many fine hours last night. Oh, and Mr. Lucas, I love your movies (well, half of them anyway) so please do not sue…
