Thursday, November 9, 2006

Bad Behavior

Bad BehaviorI've had my fill of spam. No, not the fine meat product by Hormel. That's SPAM® -- and that's good.

I'm talking about unsolicited comment and TrackBack spam. Like blogs get. Including this little blog.

I'm using Akismet, which comes with WordPress. And it works pretty good. I also use SpamKarma 2, and it does some good, but I can't tell that it picks up anything that Akismet misses.

To me, one's as good as another. Akismet is free for small blogs like this little blog. Big blogs can get a Commercial edition. Spam Karma is free, too. But Dr. Dave does accept tips. And no, I haven't donated. But I should. I really should.

But, Akismet and SpamKarma both let some stuff through. Not much, but some. And I'm happy with them. It's the spammers I'm not happy with. And I'm not happy with checking the moderation queue.

You see, Akismet and SpamKarma do catch a lot, and send that stuff to the moderation queue. Which means I need to check the queue. And most of the time, it's spam. Every now and then, something gets queued that is okay. So I do have to check the queue.

But, like I said, most of it is nothing but spam.

And that's where Bad Behavior comes in. Bad Behavior is a WordPress plug-in that helps with spam:
Bad Behavior was designed and built by watching actual spambots which harvested email addresses, posted comment spam, and used fake referrers. By logging their entire HTTP requests and comparing them to HTTP requests of legitimate users, it is possible to detect most spambots. Bad Behavior blocks spambots with a short error message. It also has three configurable User-Agent lists for spambots and other malicious bots which actually identify themselves. Bad Behavior can use string matching or regular expression matching against a User-Agent.

So, what's all that mean? It means that lots of these spammings are not from some guy in his underwear hitting your site and typing crap into the comment box. Rather, it's an application and/or scripts that the guy in his underwear is running that automatically try to leave comments and TrackBacks. And they basically all have similar characteristics. And Bad Behavior is supposed to be pretty good at recognizing them and blocking them.

Beth over at MY Vast Right Wing Conspiracy tried Bad Behavior once before. And didn't like it. But it's been re-written. So, I'm going to try it out.

I enabled it Thursday. And within 7 hours, it says it blocked 367 hits. SiteMeter stats do not show a drop ... at least, not that I've noticed. So, I'd figure they're spammers being blocked.

But they may not be. If I get reports about legitimate visitors being turned away, I'll check to see if I've done something wrong, or if it's just not for me. As was the case with Beth.

Of course, if it's blocking you, you aren't reading this, so you don't know what's going on. So I may never know there's a problem. Beth found out because people contacted her. Because her blog rocks.

I'll find out if one of my sisters gets blocked.

Now, I'm not planning on dropping Akismet or SpamKarma. I'm just adding another level of protection. All three do different things. And I'm hoping there'll be enough spam protection in place to prevent me from having to check the 100 or so items that are moderated every day.

After running for a few days, we'll see if this was a good idea ... or bad behavior on my part.


  1. Yeah, ever since you put that thing up I can't go on your blog anymore. I kinda miss it.

  2. I like Akismet, but when I mark a comment as, "Not Spam" it doesn't help. That commenter still has problems on my blog...and it irks me to no end. Countless emails to Akismet has produced no results. Hell, it hasn't produced one return email either. Who am I kiddin'.

  3. David N. Scott: Meet my sister.

    Big Sister: Meet David N. Scott.

    Tony: Yeah, Akismet did that for a while on a few blogs. It eventually straightened out. Everything went smooth for a bit, but now I'm finding SpamKarma doing something similar with Blogger ( blogs. But I suspect it's because right now, lots of spammers are setting up blogs at Blogger that redirect to their gambling/porn/search sites. If I can ever get on the page before redirect, I always flag them, but they spammers are getting smarter, and making the redirect happen before the "flag" displays.


