« TypePad Hacks is Proud to be Featured at Performancing.com | Main | How to Link the Title of a Post to the Permalink URL in TypePad »

John T. Unger

CAPTCHAs to Decrease Spam Comments on TypePad Blogs

John T. Unger April 19, 2006

Well, heck. Here I spent the week working on anti-spam hacks only to find that today TypePad added the ability to require CAPTCHAs for unauthenticated commenters. From Everything TypePad:

You can now require unauthenticated commenters (who don't sign in through TypeKey) to pass a CAPTCHA test before their comment is posted to your blog. The CAPTCHA (a ""completely automated public Turing test to tell computers and humans apart") will help prevent automated robots from posting comment spam to your blog.

You might want to read the original post to see the five new bug fixes that were announced today also.

To enable CAPTCHAs:

  1. Go to the Configure tab for the blog you want to change
  2. Click on preferences in the sub-menu
  3. Scroll down to Comment and TrackBack Preferences
  4. Check the box that says "Require unauthenticated commenters to validate with a CAPTCHA."
  5. Don't forget to save changes at the bottom of the page and republish your blog.

This is a good step forward, though I don't feel that CAPTCHAs are the best strategy long-term for eradicating comment spam. Personally, I hate having to fill in CAPTCHA fields because they are often hard to read. So far, I've always managed to get the word right the first time with TypePad's CAPTCHAs, so I'm gonna call this a very good thing.

What I'd really love to be able to do is prohibit specific URLS from being used in comments or trackbacks— it's easy to fake a name, it's simple enough to use dynamic IPs,but since the URL is the only reason spammers hit blogs, blocking the links would just ruin the game for them. Also, names and IPs can be generated for free. Blocking URLs would require spam commenters to register massive numbers of domain, making spam less profitable.

Meanwhile, I'm still working on an advanced template hack that will turn off trackbacks site-wide. It's proving to be a bit more difficult than expected, but should be ready soon.

Tags: , , , , , , , , ,

More Like This: Hacks for Comments , News , Six Apart , TypePad

Comments

Colleen says:

The IP banning page can be used to block keywords, URLs, email addresses, etc:
http://support.typepad.com/cgi-bin/typepad.cfg/php/enduser/std_adp.php?p_faqid=94

john t unger says:

Colleen,

Oh wow, thank you! That is *exciting* to see.

I'm going to quote the warning in full, though, since there is definitely a call to use this feature with caution:

When adding keywords or URLs to your comment ban list, be careful with words that can be used to form other partial words. For example, if the word "the" is entered into the comment ban list, any URL using this word in its string would be banned. In addition, any word in a comment using these letters consecutively would also be banned. This means words like "theme," "therapist" and "theatre" would be banned from being used in a comment, even though they are not on the comment ban list. This could inadvertently prohibits legitimate readers from commenting.

I wonder if we really *need* to be able to ban keywords if we can ban URLs? One of the most frequent spam addresses I delete regularly is an MP3 site, but there are lots of legitimate reasons to reference the word MP3, so I wouldn't want to ban the word itself. But man, would I love to be able to ban their URL!

Sarah says:

Wait! We can ban by keyword or URL by putting that in a field titled "IP Address?" Are you freaking kidding me?! That's great...but 1) shouldn't that be common knowledge? I mean, calling the field "IP Address" and mentioning nothing about keyword or URL banning on that page isn't exactly helpful. In fact, if I didn't read this website, I'd never know. How about an email from SixApart when this feature was implemented? Or better yet, RENAME THE FIELD. On the one hand, I'm ecstatic for the feature. On the other, I'm bewildered that I had to read a comment on a post to know this. 2) If keyword banning is this simple (?), then why can't TypePad users check a checkbox that says "Ban Profanity?" or something? Why do I have to manually type in S***, f***, a**, etc? Why can't you do that for me? Same goes for URLs...once a URL is reported (banned) a certain number of times, shouldn't it automatically be considered spam? How about a checkbox that says "Turn on Comment/Trackback Spam Filtering? (comments or trackbacks flagged as spam will not be posted until approved)"

So much of the burden is on the users these days. *I* have to type in everything that needs to be banned? Readers have to authenticate or fill out CAPTCHAs? Why?? Do we not have the technology to do better? Have you not seen the blogosphere raging over this lately?

http://blogher.org/node/4401

http://scobleizer.wordpress.com/2006/04/15/halfway-through-my-blog-vacation-change-in-comment-policy/

and me, too: http://hyperculture.typepad.com/sarah/2006/04/comments_trackb.html

Michael Sippey says:

Hey, Sarah (and everyone). The word banning hack that Colleen posted about above is definitely a hack, and we're working on turning it into a real feature. When we do that, we'll post about it on Everything TypePad, and I'm sure John will post about it here, too. :)

As for pushing the burden to the user... We are blocking more and more spam at the server every day, so that users won't see it. At the same time, there are spammers getting through, and we want to make sure that we provide a strong set of tools (moderation, TypeKey requirements, user banning, IP banning, CAPTCHAs, etc.) for users so that they can control how they want to manage their blog. And in addition to the word banning, we're working on adding more.

And yes -- we're very aware of the blogosphere rage on this very topic. Believe me, we hate these spamming idiots just as much as you do...

john t unger says:

Sarah,

"On the other, I'm bewildered that I had to read a comment on a post to know this."

I was planning to post about this outside the comments, but was waiting until a few bugs were worked out. Right now, as Michael says, it's a hack not a feature. But that status is poised to change…

Sometimes I get a heads up on pre-release stuff and it can be a bit tricky to balance the timing of *when* to write about it. I don't want to put the Design Team at TypePad in an awkward place because we have a good relationship.

Of course, I'm also advocating for users and for changes in features, etc. I feel that the best approach is to respect both the Team and TypePad users so that the conversation channel remains open. By holding off on a post occasionally so that they can release stuff that's fully tested, I can keep my relationship to the Design Team on a solid basis. That increases the chances that they will respond to user requests, so I feel it's a fair trade-off.

PS: a lot of good material shows up here in the comments… If you subscribe to them using the link in the sidebar, you'll be sure not to miss stuff that gets posted by other readers even on older posts that you might not revisit!

The comments to this entry are closed.

TrackBack

TrackBack URL for this entry:
https://www.typepad.com/services/trackback/6a00d8341c4fdf53ef00d8345dd9db69e2

Listed below are links to weblogs that reference CAPTCHAs to Decrease Spam Comments on TypePad Blogs:

» Comments, TrackBacks, from sarahintampa
As you may know, I had turned on comment/trackback moderation for a while because I was sick of all the spam comments and trackbacks. However, once moderation was on, there were fewer and fewer comments left on posts. My [Read More]

typepad hacks is a typepad featured weblog typepad hacks is listed on Alltop social media

Subscribe

Email RSS Comments  
Subscribe to TypePad Hacks with email Read TypePad Hacks posts via RSS Join the conversation at TypePad Hacks via RSS (comments feed) subscriber count

Search

Socialize

Twitter Logo
    follow typepadhacks on twitter

    Read and reply to the 100 most recent comments at the TypePad Hacks Community Page


    Grazr

    Colophon

    Powered by TypePad
    Member since 03/2005

    TypePad Status

    Creative Commons License