Well the steps I introduced to reduce the number of comment spam that was plaguing my website seem to have made an impact.
As I meantioned before I added a new step to avoid known spammers by interacting with Project honey Pot.
In the first few hours after I added the new features it became apparent how much my website was being hit by automated bots. In a quick count the figure was up to 10 IP address attempting over 40 times in one hour.
As another level of protection I've added a new feature to close the comment functionality on older posts.
There was one execption but the reason soon became apparent once I had checked the website logs, the spammer was a Human. The only course of action was to block them outright.
Other than the one comment spam I've been pretty pleased with the whole detection and avoidance system that is now in place. Althought there are a few upgrades that I can make in futures versions.
It seems the new functionality I added is working wonderfully. In the days since Sunday I've had no spam comments posted (touch wood) although there has been over 500+ hits from possible spammers.
It's quite funny that the spammers browser information indicates that they are using Java to run these automated spam scripts and there is no attempt to hide this fact. The worst offender on my website in the past 4 days was from a network in America registered to “AirlineReservations.Com, Inc.”. Which it turns out is a dubious natured website, mostly comprising of adverts.
A quick scout around revealed that this IP is indeed frequently responsible for spamming guestbooks and comment sections of websites all over the place. So as a further measure to reduce the number of bots that will be able to post spam comments I've been looking at an additional measure that I can implement. I've been following Project Honey Pot and schemes like it for sometime so I've decided to use one of their services, http:BL.
This blacklist service can be used to check the IP address of a visitor against the data held by Project Honey Pot. This will return 4 pieces of information:
A valid query response
The number of days since the IP was last active on the Project Honey Pot network
A Threat Score
And a type of visitor indicator
Using the last 3 pieces of information it should be possible to reduce potential spam attacks even further.
Well I've added new functionality to the comment pages that will now check against the blacklist. I'll monitor the traffic for the next week or so just to check that all is ok.
After quite a bit of learning and creating the custom code needed welshtroll.co.uk is finally using ReCaptcha.
An interresting point was the delay I had between switching version, during those 20 minutes I managed to get four spam comments posted. those bots must be working extra hard over the bank holiday weekend.
For a quick overview of the new reCAPTCHA I've put a quick picture that explains the functionality.