Spam, spam, spam, spam...

As you might have noticed, as of a couple of days ago this blog started getting hit pretty heavily by comment spam, composed mostly of links to Russian pornography sites. As of this afternoon, I think I have deleted all of the offending comments. There is a small possibility that I nuked a legitimate comment or two in doing so, but given the currently low frequency of real comments I'm getting, I doubt it. Still, if you left a comment in the last three days you may want to check that it's still there. If it's not, email me and I should be able to resurrect it from the notification email.

In an attempt to stop this from happening again, I've installed Menno Smits' "spamquestion" plugin, which relies on Steven Armstrong's "session" plugin. You now have to give a simple, one word answer to a question like "What is the opposite of hot?" to leave a comment here. The question is randomly selected from a set of about 10. This sort of spam protection isn't as strong as captchas, because it's a fairly trivial matter for a spambot to collect all 10 of the questions, have the answers provided by a person, and then spam as usual. However, it's perfectly adequate to protect against spam which isn't being individually targeted against your one site (the spam I was getting came from a range of IP addresses, so I'm going to assume it was the work of a botnet) and has the advantage of working in text-based browsers and not disadvantaging visually impaired people. Let's hope it works here.

Based on my preliminary fiddlings with these plugins, it looks like there is little in the way of graceful handling of incorrect answers to the spam question - the form just gets reloaded with none of your input preserved and no explanatory message. This is obviously unacceptable and I might get around to fixing it myself sometime soon. For now, just be careful!