Please allow me to go off topic for a moment.
Twelve Mile Circle was having quite a spam problem until yesterday. You, the readers, were spared from this awful torment because comments are moderated on this blog and do not become visible until I review and approve each of them individually. When I first started this site I got perhaps one or two spammy comments a day, and while that was mildly annoying they were easy enough to delete them from the moderation queue and I could then go on my way. When it rose to 40 messages a day and climbing, it grew beyond annoying and I knew I needed to find some other way to deal with it.
I looked into several solutions but they seemed to either involve extra hurdles for legitimate readers or coding changes that outstripped my limited technical abilities. Challenge-response is a common method for dealing with non-legitimate users. Essentially, the reader is asked a question that can be answered easily by a human who is then allowed to proceed. CAPTCHA is an example, but the problem I have is that I have I hard time trying to figure out those weird, warped letters. This is only going to get more difficult as spammers develop more sophisticated tools to decipher them. Homegrown challenge-response systems can be coded directly into files to ask questions like, “How far across is a 12 mile circle?” You can answer that quite easily, but of course a bot cannot. That’s a pretty good solution. However the reader now has an extra step and even so I don’t really have the skill to make the necessary coding changes. There were other solutions that would involve hiding or renaming certain files that were also somewhat beyond my abilities.
Then I came across a very elegant and simple solution on Ardamis.com that involved time stamps. It works on the basic principal that bots want to stuff as many comments in as many places as they can in the shortest amount of time possible. They will enter anything into the comment box and hit submit, or may skip that step entirely and go straight to comment posting file. Humans — at least those who are interested in the content of a blog — will (hopefully) consider the content of a given entry and carefully construct a comment with lots of thought-provoking commentary. At the very least a human comment will take more than a minute to compose, and probably several more. In theory, by requiring the comment page to be opened for at least sixty seconds before allowing it to post to the moderation queue, there shouldn’t be any inconvenience to humans but bots should be blown out of the water.
I decided to try this solution, which involved the addition just a couple of very small and simple code snippets, so easy to add that even I couldn’t mess it up. Within ten minutes the changes has been applied. I did some basic testing and it seemed to work. So with fingers crossed I opened the moderation queue this morning. I knew that spammers had been banging on the door all night because I saw the files pinged in the access logs when I reviewed them this morning. However, NONE of them, ZERO, made it through to the queue. I’m sure someday they’ll figure it out but for now I’m blessedly spam free.
Now back to Geography…