Today, I had a vicious bout with a comment spammer on this site. Someone (or something) was sending comments to an old post periodically. Despite my having removed the comment form for that posting, apparently the person or persons responsible were able to work around that by using some sort of spambot that just POSTed information to my site.
I believe I’ve closed this security hole by implementing several validation techniques on all comments. If anyone has trouble posting a legitimate comment, please let me know. For more information on comment spam and fighting it, check out the Six Apart Guide to Combatting Comment Spam.
Disclaimer: Any viewpoints and opinions expressed in this article are those of Nicholas C. Zakas and do not, in any way, reflect those of my employer, my colleagues, Wrox Publishing, O'Reilly Publishing, or anyone else. I speak only for myself, not for them.
Both comments and pings are currently closed.