(I really should put something like this on the wiki as well) How many actually use the Blacklist page in admin? I'd sort of left it alone because I knew it uses the black art of regex. But I've had a little look at it today and it does use string expressions as well. So if you are seeing spammy comments along the usual lines of 'poker' or 'pills' ... hmm that's probably going to get trapped in peoples filters ... anyway, you can create a new pattern and just put the term you want blocked in the body of the post. As long as you set the type to string. You can see it working in logs: [SP] Scanning for StringPattern poker [SP] Hit: String 'poker' matched Comments matching any patterns will not be posted. Be aware though there isn't any form of moderation on this ... so if your friends are wanting to organise a poker night then you won't hear about it on your site :) ** While testing I did run across some of those damn NoMethodError log entries again ... I'm going to have to find out what they are and are they linked to the Rails errors that I slam into sometimes? Do they make any sense to developers? Is it a Rails thing, a Typo thing or a mixture of both? NoMethodError (undefined method `look_for_needed_db_updates' for #<Admin::BlacklistController:0x4097a83c>): /vendor/rails/actionpack/lib/action_controller/filters.rb:399:in `send' /vendor/rails/actionpack/lib/action_controller/filters.rb:399:in `call_filters' /vendor/rails/actionpack/lib/action_controller/filters.rb:394:in `each' /vendor/rails/actionpack/lib/action_controller/filters.rb:394:in `call_filters' /vendor/rails/actionpack/lib/action_controller/filters.rb:383:in `before_action' /vendor/rails/actionpack/lib/action_controller/filters.rb:365:in ... blah, blah, blah Gary
on 2006-05-09 17:59
on 2006-05-09 18:20
To be honest, I only allow Ajax comments and have not received ANY spam at all. Haven't touched the blacklist...
on 2006-05-09 18:42
On 9 May 2006, at 15:20, Jake G. wrote: > To be honest, I only allow Ajax comments and have not received ANY > spam > at all. > > Haven't touched the blacklist... > Very true. Neither did I which is why I wanted to look at it. If you want a quiet life then don't allow non-ajax commenting because it works really well. I've still had a few spam comments (3 total), but they've been entered manually. I don't know if everybody would be the same though. Some might want to allow non AJAX commenting for an example - so people can comment from handheld devices (PocketPC, mobile phones and the like). No big deal to me, but others might want that. You could also use the blacklist to block any trolls if you pick them up. Saves messing with htaccess every time. Still it just shows that there is another level of protection with Typo that can be used. Gary
on 2006-05-09 18:54
I also don't allow non ajax comments and for the comments that works fine, but occasionally I do get trackback spam. The other day I had to remove 190+ trackbacks from one post. - which reminds me: some sort of "delete-all" button (for comments or trackbacks) in the admin panel would be nice :) On 5/9/06, Gary S. <email@example.com> wrote: > Very true. Neither did I which is why I wanted to look at it. If > > Still it just shows that there is another level of protection with > Typo that can be used. > > Gary > _______________________________________________ > Typo-list mailing list > firstname.lastname@example.org > http://rubyforge.org/mailman/listinfo/typo-list > -- Koen.
on 2006-05-10 06:06
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 10/05/2006, at 00:20 AM, Jake G. wrote: > To be honest, I only allow Ajax comments and have not received ANY > spam > at all. I only allow AJAX comments myself, and I've definitely had spam since disabling it. I ended up just blocking comments past N days, to reduce the number of articles I need to remove comments from if it happens. TX -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.3 (Darwin) iD8DBQFEYUohuMe8iwN+6nMRAhJyAJ40NtGwgq1WRjmZPtwDsr/p2gCVsQCgjRfA iVEkfx5pdqh0FYcML9ndWhY= =Z2dU -----END PGP SIGNATURE-----
on 2006-05-10 09:58
The annoying limit on blacklists is that they only match against the body of the comment, not the url or email address. I get a lot of blog spam that is using the url to generate some blog mana by linking off mine. Would be great if the blacklist worked on the url field too. Yes, it's an easy patch to make (I think) but I'm not running trunk yet so I'm not set up to do it myself just now. -- Josh S. http://blog.hasmanythrough.com
on 2006-05-10 13:55
On 9 May 2006, at 15:54, Koen Van der Auwera wrote: > I also don't allow non ajax comments and for the comments that works > fine, but occasionally I do get trackback spam. > > The other day I had to remove 190+ trackbacks from one post. - which > reminds me: some sort of "delete-all" button (for comments or > trackbacks) in the admin panel would be nice :) Trackbacks are an issue. Personally I don't see the use for them and think it's dead as a function - no matter what the blog engine. There are enough blog search services to keep an eye on what people are saying about your site and if people want to get some link lurve then commenting is available. For spammers it's a great service which is why I have trackbacks disabled as a matter of course. You have reminded me that it does need to be easier to navigate articles and comments. If you get a notification of a comment it's actually quite difficult to get to the comment in admin as you are informed of the permalink (site/day/month/year/this-is-a-comment) and not the admin comment link - which would be admin/article/ 1234comments. A few times I've had to search the database for the corresponding article number so I can manually enter the admin url to nuke the comment. You can of course nuke it directly from the site if you're logged in as admin - but sometimes I might just want to edit the comment (trolls or whatever) or gather the IP information for it. Gary
on 2006-05-10 13:58
On 10 May 2006, at 06:56, Josh S. wrote: > The annoying limit on blacklists is that they only match against the > body of the comment, not the url or email address. I get a lot of > blog spam that is using the url to generate some blog mana by linking > off mine. Would be great if the blacklist worked on the url field > too. Yes, it's an easy patch to make (I think) but I'm not running > trunk yet so I'm not set up to do it myself just now. Spam protection does check against the domain on blacklists. But I'm seeing that in trunk. Gary