Comment spammers, referrers, and trackbacks hurting your blog? Get pissed with AngryPets' ReverseDOS

Do you have a blog? Do you get slammed by comment spam or referrer spam or even trackback spam? If you’re like the rest of the world, you probably do.

Some of us combat comment spam by adding CAPTCHA images where our readers have to type in some convoluted text in a crappy image to prove we are human and not a bot. The problem is that some geeky college student decided to write an algorithm to beat CAPTCHA as a class project and show it to the web. Now, your CAPTCHA is only about 17% effective in stopping bots (no, I don’t know where I read that, but I did so just trust me). This also doesn’t take into account the comments submitted via the CommentAPI web service through clients like RSSBandit, or referral spam or even trackback spam. How can you kill these people?

A few months ago I saw ReverseDOS by Michael Campbell on his site AngryPets (cool site name BTW, but I digress…). If you want to know how it really works, go to the ReverseDOS link above. Here’s my take: he checks every since request coming in against a bunch of filters in a special config file. If something matches the specific criteria, ReverseDOS gives the impression that your site is the victim of a DOS attack and just sits and spins, not accepting the post. It’s a piece of cake to install too! Just drop a DLL in your bin, add the ReverseDOS.config to your root, and add the ReverseDOS DLL to your HttpModule section of your web.config. That’s it! It’s working so well for me that I’ve removed my CAPTCHA solution! Try it for yourself! You can hit this page on my site: http://www.andrewconnell.com/blog/default.aspx. But, if you add the querystring “?poker” to the URL, you’ll see my site act like it’s getting hammered and just not respond. Why didn’t it catch this post? Because I’ve listed my IP as a trusted address (anything sent from my home PC will get through).

Is it perfect? No… but it’s pretty damn close. I sent a few feature requests in last night which I may give a shot to try to implement them myself (yes, the source is available). Here’s my ideas for enhancements:

Add reverse DNS lookup to trusted sites OR
Add a special cookie to be added on clients which you wish to grant access to… use with some sort of encryption algorithm (like a combo of the domain?) with a daily/weekly/monthly/on-demand expiry?
Add anti-filters, or white list filters to the filter list
Add a “DMZ” url pattern to allow anything to a specific URL REGEX pattern to be allowed (so I can post to my admin site without ReverseDOS locking me out).

I strongly recommend it after using it for only a few days.

» AngryPets: ReverseDOS

posted on Wednesday, November 02, 2005 9:25 PM

Feedback

# re: Comment spammers, referrers, and trackbacks hurting your blog? Get pissed with AngryPets' ReverseDOS 11/3/2005 3:36 PM Michael K. Campbell

Hey Andrew, thanks for the great exposure. (I was just checking my site's analytics and saw a number of leads from your site).

I'm massively swamped right now, but over the weekend or early next week I'll be implementing an 'anti-pattern' as you mention above. This will let certain directories be flagged as 'trusted' - and ReverseDOS will skip checking requests for those directories. (Of course, you'll want these directories to be admin or other directories where users MUST authenticate prior to access, etc.)

The goal with this will be to make it easier for people to 'trust' their admin (and webAPI) directories - especially for larger installations like Community Server, etc.

Cheers!

# re: Comment spammers, referrers, and trackbacks hurting your blog? Get pissed with AngryPets' ReverseDOS 11/4/2005 12:28 AM AC [MVP MCMS]

Michael - Fantastic! I'm glad I could push a bit of my traffic to your site. Curious how your downloads increase (if at all) over the next few days. Also, I'm eager to be a tester/early adopter of your updated ReverseDOS.

As for the "anti-pattern"... one thing that you may consider is implementing a client-bypass... not just a bypass for a directory. For example, I need to be able to post ANYTHING to my site... including a list of 10,000 URLs if I want (no, seriously, I have no need for 10k URLs, but if i want to, damnit it's my site and I should be able to). Sure, I can post to my web-admin tool, but what if I use an offline authoring app like wBlogger or BlogJet. Something like a special "ok" cookie. I put a little more thought into it:

> Create a page to add the admin section of a blog (password protected
> On prompt for a passphrase, and if correct, write some garbled passkey to a cookie on their client
> Provided the passkey is valid for the specified period (configurable), it will be sent in the request as it's in the cookie (or the user can append it to their post... which the HttpModule could strip it out?... dunno, just brainstorming) and therefore bypass your ReverseDOS
> Send some sort of notification (or some indicator) to tell the blog owner the passphrase expired.

# re: Comment spammers, referrers, and trackbacks hurting your blog? Get pissed with AngryPets' ReverseDOS 11/5/2005 3:15 AM Michael K. Campbell

Yeah, eventually a cookie or something similar might make a good deal of sense. (Though most authoring apps use an API - so you can simply trust the directory where the API is accessed.)

I'll give it some more thought though.

BTW... I just released 2.9 - with the ability to trust specified directories. You'll just need to drop in the .dlls and make mods to your .config. Let me know how it goes.

# re: Blog Errors (Updated) 11/14/2005 7:33 PM The Lazy DBA

# re: Stupid Spammers 11/19/2005 10:36 AM The Lazy DBA

# Blog 12/5/2005 4:05 PM Andrew Connell [MVP MCMS]

# re: CAPTCHA - First line of defense implemented 1/13/2006 10:18 PM Jason Haley

# re: Comment spammers, referrers, and trackbacks hurting your blog? Get pissed with AngryPets' ReverseDOS 3/28/2006 6:27 AM mp3 blog

use captcha

# The Comment Spam Visits With A Vengeance 12/28/2005 1:30 PM Wayne Larimore - his bloggin' We

# re: Comment spammers, referrers, and trackbacks hurting your blog? Get pissed with AngryPets' ReverseDOS 3/29/2006 12:32 AM AC [MVP MCMS]

CAPTCHA isn't foolproof... while ReverseDOS isn't either, it's a heck of a lot more effective than CAPTCHA.

# re: Comment spammers, referrers, and trackbacks hurting your blog? Get pissed with AngryPets' ReverseDOS 2/11/2007 7:14 AM Pozycjonowanie

Someone else below asked this already about antispam scripts.
I am getting nailed with Spam on my website mails and in our blog website - now its offline too much spam. Is there anyway to stop this? If not, there really isn't any point in leaving it up and active. Any help will be greatly appreciated.

Thanks for help, Keep up the good work.

# re: Comment spammers, referrers, and trackbacks hurting your blog? Get pissed with AngryPets' ReverseDOS 2/11/2007 9:36 PM AC [MVP MOSS]

Poz - Did you look into ReverseDOS as I mentioned in my post?

# re: Comment spammers, referrers, and trackbacks hurting your blog? Get pissed with AngryPets' ReverseDOS 3/7/2007 2:42 PM tanie linie lotnicze

In my opinion captcha is not enough to fight with spam...

# re: Comment spammers, referrers, and trackbacks hurting your blog? Get pissed with AngryPets' ReverseDOS 8/8/2007 9:17 AM Affiliate

Well, one thing is for sure : that's one smart kid that worked that out. But, I'm kind of glad he did, CAPTCHA just irritates me. I'd rather hire someone to delete spam from my blog every day than get CAPTCHA installed.
But ReverseDos sounds interesting... one of the advantages of that kid cracking CAPTCHA, is that someone could come up with something better.

# re: Comment spammers, referrers, and trackbacks hurting your blog? Get pissed with AngryPets' ReverseDOS 12/12/2007 9:36 AM budownictwo informacje

Hmmm, if u use very advanced and customized capatcha it will work for u - thats how i reduced spam on my guestbook ;)

Post Feedback

Title:
Name:
Email:	(email will not be displayed)
Url:
Comments:
Please add 3 and 2 and type the answer here: Remember Me?

All Comments Are Filtered & Moderated
Unfortunately comment spammers are just too effecient and are constantly dirtying up blogs with irrelivant and unwanted comments trying to improve their standing on search engines. All comments on this blog are moderated. I do not censor comments, but I don't approve comments with vulger language or those soliciting products. Most of the time comments are approved within a few hours of being submitted with the only exception when I'm traveling.

Why are you asking for my email address?
The only reason I'm asking for your email address, which isn't required to submit a comment, is to provide a gravatar if you've created an account for yourself and associated your email address with a small image. If you have a gravatar created for the email address you submit, it will appear next to your comment. Otherwise nothing will appear.

What is a gravatar?
A gravatar is a "globally recognized avatar." You can get more information about gravatars, as well as create your own for free, at www.gravatar.com. You can also view my gravatar here.

This work is licensed under a Creative Commons License
Site design by Heather Solomon.