Improved Spam Catcher

Hey Gang,

So tonight we had a slight spam spike but we quelled the attack. We have added some extra anti-spam support to our system. We are now using Akismet, Antispam, and a new improved in-house spam catcher. We are continuously making improvements to our spam catcher to avoid further issues. If you are still experiencing any spam shoot us a message @ help@disqus.com .

Sorry for any inconvience,

Giannii

Community Manager

Giannii on November 21st 2008 in disqus

  • Let's see... do I have the ability to tag things as SPAM yet?

    Oh, nope. Of course not.

    Because that couldn't be remotely valuable whatsoever.

    --Kyle
  • Kyle,

    We are working on the function to tag spam within the admin section. Don't worry, we are on it!

    Giannii
    Community Manager
  • "working on it"?

    How long does it take to make a link, some quick JS, a small script that changes what's most likely a boolean value in a db?

    You could do it in under 30 minutes, and even have a rollover image setup for it.

    So you want to explain to me how this is a "work in progress" rather than "oh, right... here it is!" situation?

    --Kyle
  • So you want to explain to me how this is a "work in progress" rather than "oh, right... here it is!" situation?


    Sure. This is how Disqus handles spam: we filter contents ourselves then pass them through a few different anti-spam providers. This requires a little more finesse than what you wrote above. Otherwise, I agree, it's a seemingly minor addition.

    The issue is around improving our handling of comment states in our system for future development. This is being done right now, as well as working in an improved interface that makes it clear for most people.

    I can go into more detail, but I hope this provides some insight.
  • I see, that makes more sense as to why it wasn't a feature launched from day 1.

    Not that I like *not* having one, but I appreciate the details. Being a programmer myself, knowing why something doesn't work like you think it should is always nice ;-)

    Thanks
    --Kyle
  • thanks for your commnet
  • I got hit pretty hard: http://i38.tinypic.com/2a4o9c5.jpg :-(
    I'll let you know if it continues. Thanks.
  • Let's see... do I have the ability to tag things as SPAM yet?

    Oh, nope. Of course not.

    Because that couldn't be remotely valuable whatsoever.

    --Kyle
  • Kyle,

    We are working on the function to tag spam within the admin section. Don't worry, we are on it!

    Giannii
    Community Manager
  • thanks for all explains
  • Hey Dave, I received your Twitter DM about it. Definitely let us know if it continues.
  • thanks for all explains
  • I'm getting hammered by AdultFriendFinder - I keep adding them to the Spam filter, and they keep finding a way around it. Anything you can do would help!
  • CaptainDigital,

    I just checked both of your sites and it seems pretty clean. Have you been deleting them manually? Also which site is receiving the spam?

    Giannii
    Community Manager
  • I've been deleting them manually, on a daily basis.
    www.captaindigital.netis getting the brunt of the spam. Interestingly,
    the spammers are hitting
    older posts almost exclusively - not the new stuff (I try to post to my
    blogs on a daily basis).
    Here's a question for you - even though I've got Disqus installed on both,
    some of the comments I get are on the blog comments - not through Disqus. Is
    there a way I can force EVERYTHING to go through Disqus?

    Thanks!

    - Brad
  • I'm getting hammered by AdultFriendFinder - I keep adding them to the Spam filter, and they keep finding a way around it. Anything you can do would help!
  • CaptainDigital,

    I just checked both of your sites and it seems pretty clean. Have you been deleting them manually? Also which site is receiving the spam?

    Giannii
    Community Manager
  • I've been deleting them manually, on a daily basis.
    www.captaindigital.netis getting the brunt of the spam. Interestingly,
    the spammers are hitting
    older posts almost exclusively - not the new stuff (I try to post to my
    blogs on a daily basis).
    Here's a question for you - even though I've got Disqus installed on both,
    some of the comments I get are on the blog comments - not through Disqus. Is
    there a way I can force EVERYTHING to go through Disqus?

    Thanks!

    - Brad
  • You can definitely enable Disqus on every post, including old ones.
  • i agree you
  • Is there any way to add "nofollow" tag, incase a visitor leaves his url in the comment ?
  • Hi guys, sorry for the offtopic. I was wondering: Is there any chance to edit comments, like the spam ones. Let's say that a person leaves a spam comment. What I want is to modify his comment, by eliminating the link, and to write something in his comment like "edit by admin: Spam is not allowed on this blog" If this service doesn't exists yet, I think it would be a great job to activate it. It is very usefull for an admin.
  • Is there any way to add "nofollow" tag, incase a visitor leaves his url in the comment ?
  • it would be nice to have an option to add nofollow as I'm getting a lot of worthless comments just for spammers to add their links.
  • Hi guys, sorry for the offtopic. I was wondering: Is there any chance to edit comments, like the spam ones. Let's say that a person leaves a spam comment. What I want is to modify his comment, by eliminating the link, and to write something in his comment like "edit by admin: Spam is not allowed on this blog" If this service doesn't exists yet, I think it would be a great job to activate it. It is very usefull for an admin.
  • "working on it"?

    How long does it take to make a link, some quick JS, a small script that changes what's most likely a boolean value in a db?

    You could do it in under 30 minutes, and even have a rollover image setup for it.

    So you want to explain to me how this is a "work in progress" rather than "oh, right... here it is!" situation?

    --Kyle
  • thanks for your support on this, I did a few messages but I easily removed them and blocked them, with a great plugin like this it wont take long to build a great whitelist...
  • thanks for your support on this, I did a few messages but I easily removed them and blocked them, with a great plugin like this it wont take long to build a great whitelist...
  • thanks i agree you
  • thanks
  • thanks
  • thanks for your supports
  • <quote>So you want to explain to me how this is a "work in progress" rather than "oh, right... here it is!" situation?</quote>

    Sure. This is how Disqus handles spam: we filter contents ourselves then pass them through a few different anti-spam providers. This requires a little more finesse than what you wrote above. Otherwise, I agree, it's a seemingly minor addition.

    The issue is around improving our handling of comment states in our system for future development. This is being done right now, as well as working in an improved interface that makes it clear for most people.

    I can go into more detail, but I hope this provides some insight.
  • You can definitely enable Disqus on every post, including old ones.
  • I see, that makes more sense as to why it wasn't a feature launched from day 1.

    Not that I like *not* having one, but I appreciate the details. Being a programmer myself, knowing why something doesn't work like you think it should is always nice ;-)

    Thanks
    --Kyle
  • thanks for your supports
  • Wow, the image's pretty scary. I guess the Disqus team will fix it eventually.
  • serrena
    how can i usubscrive to your blog i hate it
  • serrena
    how can i usubscrive to your blog i hate it
  • This is a check of the XSS filtering this system does. So far I have found lots of holes in the comment system. Lets see if it works on this site too.

    Hacking tests to follow (not cracking).

    <b onClick="javascript:alert('hello');">Click me or Just let the script load without any help.
    <IMG SRC="javascript:alert('XSS');">
    <IMG SRC=javascript:alert('XSS')>
    <IMG SRC=JaVaScRiPt:alert('XSS')>
    <IMG SRC=javascript:alert("XSS")>
    <A HREF="javascript:document.location='http://www.google.com/'">XSS
blog comments powered by Disqus