Comment Spam Protection

I have switched from Akismet to Defensio for my comment spam protection. I don’t know if this will be a permanent change. The effectiveness of Defensio will decide that.

Therefore, if you find your comment is not being displayed, it’s quite likely that Defensio has treated it as spam. Don’t worry though. All comments marked as spam are availabe to me in a list so I can go through them and decide which ones are legitimate.

Here’s to a comment spam free blog!

Email Injection Attacks

Over the past week or so I’ve been the unfortunate bearer of email injection attacks on two of my sites. It’s no fun I can assure you!

So, I’ve had to search for anything that can help me overcome these nasty so and so’s. That’s when I came across an article called Email Injection – SecurePHP.

While it does explain how the spammers were able to exploit the contact forms on my sites, it’s example of how to stop it from happening doesn’t seem to have worked. I implemented the neccessary changes last nite, but first thing this morning I received the same junk emails in my inbox – which suggests I’ve not stopped the rot :(

I’ve also tried this suggestion on the PHP site, but I don’t believe that has worked either. Maybe I should give it a few days to see for sure.

* Fingers Crossed *

Update

The spam emails seem to have stopped from one domain but not the other, which is strange considering I implemented the same filter on both forms. So more searching was required to find an alternative solution. That’s when I came across this piece of code, which I hope will put an end to these email injection attacks once and for all.

* Fingers Crossed Again *

Update 2

Well, the last change seems to have done the trick. I haven’t received any more spam emails from my own forms. I just hope posting this update doesn’t put a curse on me :D

Comments Temporarily Disabled

I’ve temporarily disabled commenting because there has been 100+ spam comments posted over the past few days. The built in spam filter isn’t working properly, so I’m going to have to find an alternative way of stopping it.

Once I do, comments will be turned back on.

Update: Comments have been enabled again.

I have installed a new plugin called ‘Bad Behaviour’ which I hope will resolve the current comment spam problems.

* Fingers Crossed *