My fix for spam


pixelposeur
06-01-2006, 08:42 PM
One thing I noticed about the comment spam is that it always seems to have the REFERER field set to the image being commented upon.

Normally, when one posts a legitimate comment, the referrer is *not* set.

I added this little check to index.php to reject any comments with the referer field set and it seems to be working. Even with Akismet, some spam was still getting through; this little fix seems to work OK (so far):


I added the check for the referer around lines 923-931 in index.php

// ##########################################################################################//
// SAVE COMMENT
// ##########################################################################################//
if(isset($_GET['x']) && $_GET['x'] == "save_comment")
{
    /* Reject comment if it came with an HTTP REFERER */
    if (isset($_SERVER['HTTP_REFERER'])) {
        die('Access denied.');   // die() ends the script, so no separate exit is needed
    }
    // ... the rest of the existing save_comment block continues here ...
}



Others might want to try this out and report how it works in their situation. The spamming problem has been a huge pain in the butt lately for a lot of people, for sure.

GeoS
06-01-2006, 11:12 PM
By default I don't send a REFERER header anywhere, so I won't pass your test. That isn't the best way to fight spam.

pixelposeur
06-02-2006, 12:58 PM
It *would* work for you because the check I added only allows comments that do NOT have a referer.

I realize it is certainly not perfect. Anyone with a clue can modify their referer headers to send something or to send nothing. However, the MAJORITY of people don't bother. Plus, I noticed that a regular user, who posts a comment by going to the comment page and filling in the form, does not result in a referer header line. Only the spam comments had a referer line included.

Spammers don't go through the form, they just send a POST directly to the site with the fields already filled in, plus they send a referer header which is the tip off that it is coming from a spammer, thus the check I added works to block spammers but not MOST non-spammers.

Of course, now that I've posted this, if there are spammers following these threads, then they will just make a quick fix to their scripts and my test will no longer work.

As I said, it's a quick fix, it's not complicated or very clever, but it has relieved me from having to go into my admin panel and delete spam every morning.

Joe[y]
06-02-2006, 02:05 PM
Assuming you are correct that the only commenters who have referers are spammers, then this is indeed a useful 'quick fix'. Although of course it is a barrier easily overcome by spammers, it is still another deterrent for them.

sman317
06-02-2006, 11:47 PM
I checked my log files and at least in my case you actually have it backwards. Every single IP address that was (and is trying to) spam me didn’t have a referrer. And a random selection of the ones that were not spam all had a single referrer (my main page).

However, the other common thing I found with my spammers was that none of them had the parent_name set, or it was improperly set. My guess is that they just pick a random number for the parent_id and post with that. So for me the best check would be to verify that the parent_name is valid and that the parent_name and the parent_id match the same image. On top of that I use CAPTCHA.

Hope this helps.
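
The check sman317 describes above (parent_name must be valid and must belong to the same image as parent_id), sketched as an added example that is not part of the thread or of Pixelpost's own code. The `$images` array stands in for the image table, and the function name, field layout and sample rows are assumptions:

```php
<?php
// Added example, not Pixelpost code. $images stands in for the image table
// (id => stored filename); the real schema and column names may differ.
$images = [
    41 => '20060528_harbor.jpg',   // constructed sample rows
    42 => '20060601_bridge.jpg',
];

/**
 * Return true only when parent_id and parent_name refer to the same stored image.
 */
function comment_target_is_valid(array $post, array $images): bool
{
    // Both fields must be present and be plain strings (not arrays from id[]=...).
    foreach (['parent_id', 'parent_name'] as $field) {
        if (!isset($post[$field]) || !is_string($post[$field])) {
            return false;
        }
    }
    // parent_id must consist of decimal digits only.
    if (!ctype_digit($post['parent_id'])) {
        return false;
    }
    $id = (int) $post['parent_id'];
    if (!isset($images[$id])) {
        return false;              // random or stale id: no such image
    }
    // The submitted name must be exactly the one stored for this id.
    return $images[$id] === $post['parent_name'];
}

// Constructed submissions: a normal form post, a guessed id, a mismatched
// pair, and a post with the name field left out.
$samples = [
    'form post'    => ['parent_id' => '42',  'parent_name' => '20060601_bridge.jpg'],
    'random id'    => ['parent_id' => '977', 'parent_name' => ''],
    'wrong name'   => ['parent_id' => '41',  'parent_name' => '20060601_bridge.jpg'],
    'missing name' => ['parent_id' => '42'],
];
foreach ($samples as $label => $post) {
    $verdict = comment_target_is_valid($post, $images) ? 'accept' : 'reject';
    printf("%-13s %s\n", $label, $verdict);
}
```

Against a real database the lookup by id would be a parameterized query rather than an array access; the comparison logic stays the same.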

raminia
06-03-2006, 09:12 PM
@sman317,

Did you check
http://forum.pixelpost.org/showthread.php?goto=newpost&t=4310