VWcms Spam Abuse  
 


Comment/feedback/form submission abuse may be from humans being a nuisance or malicious, or from spambots creating unwanted activity and site pollution.

Although this is a notoriously difficult issue to address other than through moderation, there are some configurable mechanisms available that attempt to minimise the possibility of site abuse and DoS.  All apply to Reader Comment and some to Reader Feedback and to Reader Form.

VWcms, not being a LAMP-style application, probably has some immunity due to the relative obscurity of its interface.  However, 'bots have had a lot of development time invested in them and are highly sophisticated applications.  There have been at least a couple of instances of probable spambot activity on the VWcms comment interface!  (Though it's difficult to tell human from spambot, and from human-assisted spambot.)

Q and A to Comment

A question and answer challenge attempts to exclude automated spam generation by requiring additional input that would be difficult for a machine to identify as such and produce an acceptable response for.

See Using Q&A.

reCAPTCHA to Comment

A CAPTCHA is a program that can tell whether its user is a human or a computer. You've probably seen them - colorful images with distorted text at the bottom of Web registration forms. CAPTCHAs are used by many websites to prevent abuse from "bots," or automated programs usually written to generate spam.

See Using reCAPTCHA.

Ticket to Comment

A ticket is a unique string, provided by VWcms, which must be included in the comment/feedback text by the user.  When a comment/feedback page contains a $$TICKET$$ directive, VWcms requires the specified ticket in the comment/feedback text or the submission will be rejected.  This is an attempt to defeat spambot automation.

See Using Tickets.

User Agent

VWcms comment files store the request user-agent string.  These can be examined to determine whether a 'bot has some identifying agent string characteristic, and agents with that characteristic can then be excluded from site access using the [reject-agent] and/or [comment-reject-agent] configuration directives.

This site may be of some assistance:

http://www.botsvsbrowsers.com/

Text Strings

The comment or feedback (email) text can be examined for specific strings and rejected if present.  There are two variants of this.

[comment-reject-string] This directive accepts strings, one per line.  These strings are literals and may contain white-space.  If they are found in the text the comment/feedback is rejected.
[comment-reject-word] This directive accepts a series of white-space delimited 'words'.  The comment/feedback text is processed to eliminate all non-alphabetic characters (to reduce obfuscation) and then these words are searched for in the text.  If found the comment/feedback is rejected.
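
As an added illustration (not VWcms code), the Python sketch below contrasts the two variants on constructed comments.  It assumes case-insensitive matching, ASCII letters only, and that white-space is stripped along with all other non-alphabetic characters, which makes the word search a substring search; the lists and function names are hypothetical.

```python
import re

# Constructed sample lists, in the shape the two directives describe.
REJECT_STRINGS = ["cheap pills", "click here now"]  # literals, may contain white-space
REJECT_WORDS = "casino lottery".split()             # white-space delimited words


def reject_by_string(text, strings=REJECT_STRINGS):
    """[comment-reject-string] style: literal substring search.
    Case-insensitive comparison is an assumption of this sketch."""
    lowered = text.lower()
    return [s for s in strings if s.lower() in lowered]


def squash(text):
    """Drop every non-alphabetic character: digits, punctuation, white-space.
    Assumption: ASCII letters only, case folded to lower."""
    return re.sub(r"[^a-z]", "", text.lower())


def reject_by_word(text, words=REJECT_WORDS):
    """[comment-reject-word] style: search the squashed text for each word."""
    squashed = squash(text)
    return [w for w in words if w.lower() in squashed]


def check(text):
    """Return ("reject", matched_entries) or ("accept", [])."""
    hits = reject_by_string(text) + reject_by_word(text)
    return ("reject", hits) if hits else ("accept", [])


# Constructed comments, not taken from any real site.
SAMPLES = [
    "Nice article, thanks.",             # clean
    "Get cheap pills today",             # literal string present
    "Win big at our C.A.S.I.N.O today",  # punctuation hides it from the literal list
    "Monica's in Oslo this week",        # innocent text that squashes to a listed word
]

if __name__ == "__main__":
    for sample in SAMPLES:
        verdict, hits = check(sample)
        print(f"{verdict:6} {hits!s:16} {sample}")
```

The last sample shows the cost of stripping white-space under these assumptions: a listed word can appear across word boundaries in innocent text, so short entries in [comment-reject-word] deserve care.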

Maximum Comment Size

Configuration directive [comment-max-chars] sets the maximum size of any single comment in bytes.

Maximum File Size

The total comment file size in kilobytes can be set using directive [comment-max-size].  (Reader comment only.)

Minimum Interval

Directive [comment-min-interval] sets the minimum interval in seconds between successive posts from the one host IP address.  (Reader comment only.)

Host Maximum

The maximum number of postings against any individual comment from any single host can be set using the [comment-host-max] directive.  (Reader comment only.)
