[geeklog-devel] Negative side effect of comment spam filtering
vfuria at gmail.com
Sun Dec 19 01:03:51 EST 2004
If we're redirecting to the front page I don't think this will be a
problem. It sounds like MT is re-building the site front page when a
spam comment comes in (i.e. no redirect). This is a problem because
the page gets build even if the spammer just through out a HTTP post
request. If you just send a redirect in response, likely the spammer
isn't going to have his software visit the front page (and slow the
number of spams he can put out).
Now, we may want to look at reducing overhead as much as possible
(*cough* lib-common.php *cough*) to minimize the impact of a spam
All of this is just a guess of course. I've never seen any MT code
and I've only taken to most cursory look at our spamx plugin...
On Sat, 18 Dec 2004 23:29:08 +0100, Dirk Haun <dirk at haun-online.de> wrote:
> there's a story on Slashdot on how comment spam is causing increased
> server load on sites running Movable Type (the guys we're borrowing the
> blacklist for the SpamX plugin from).
> In this post:
> the blacklist maintainer writes:
> |In fact, we have found that there is a fairly major bug (in terms of
> |effect, but not code size) which causes page rebuilding even in the case
> |of a comment submission which would be moderated and hence should have no
> |effect on the live page. This means that even if you are using comment
> |moderation in Movable Type and even force moderation in MT-Blacklist,
> |your server load is impacted just as if a comment had been posted to the
> |live site. This bug has been fixed in development.
> Now, when filtering out a comment as spam, Geeklog throws the poster back
> to the site's front page. In other words, I guess this could happen to
> us, too, if the spammers would really start attacking a Geeklog site.
> Sounds like it would be better if Geeklog just died, only displaying the
> "spam detected" message (and maybe a link back to the index page, if we
> want to be really nice).
> bye, Dirk
> geeklog-devel mailing list
> geeklog-devel at lists.geeklog.net
More information about the geeklog-devel