• Global community
    • Language:
      • Deutsch
      • English
      • Español
      • Français
      • Português
  • 日本語コミュニティ
    Dedicated community for Japanese speakers
  • 한국 커뮤니티
    Dedicated community for Korean speakers
Exit
Locked
0

Captcha is not preventing spam comments from being submitted

New Here ,
May 26, 2012 May 26, 2012

Copy link to clipboard

Copied

Captcha does not seem to be working on our blog.  (http://www.waterthebamboo.com/_blog/Blog) We are receiving Spam comments multiple times per day.  Shouldn't Captcha/Image Verification prevent Spam posts from being submitted via the Form?  It's a real pain to have to dig through all these spam posts in the admin.

Views

22.3K

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines

correct answers 1 Correct answer

Jul 17, 2012 Jul 17, 2012

We are very much aware that spam engines become more and more sophisticated, and what's happening here is that they can actually read the captcha image and interpret it.

The engineering team is already looking into different solutions to get this fixed, and a fix should be available in the August 21st release.

- Bogdan

Votes

Translate

Translate
Community Beginner ,
May 26, 2012 May 26, 2012

Copy link to clipboard

Copied

Captcha only eliminates bot spam, not human spammers who can bypass captcha. I haven't used the blog yet because our is set up elsewhere. We moderate comments there, but the drawback to that is that you will lose non-spamming commentors.

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
New Here ,
May 27, 2012 May 27, 2012

Copy link to clipboard

Copied

Sure seems like we're getting a lot of "human" spam then.  Are we sure it's "human" or could it be some smart 'botting that is detecting/reading/inputing Captcha?

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Community Beginner ,
May 27, 2012 May 27, 2012

Copy link to clipboard

Copied

It's possible that there are OCR-capable bots hitting your blog. But there are also tons of people who do nothing more than post spam links on blogs all day long ("work at home" scam jobs, SEO scammers, etc.). If you comment section allows links to be followed by search engine bots you're gonna get hit hard with link spam, so make sure comments are set to "nofollow" and moderate them.

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
New Here ,
May 30, 2012 May 30, 2012

Copy link to clipboard

Copied

hi crafty alien,

how do you make sure comments have Nofollow set on?

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Mentor ,
May 31, 2012 May 31, 2012

Copy link to clipboard

Copied

Perhaps you could add this http://www.robotstxt.org/meta.html to your blog layout.

-m

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
New Here ,
May 31, 2012 May 31, 2012

Copy link to clipboard

Copied

But won't that prevent Search Engine robots from following the blog post URL too?

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Mentor ,
May 31, 2012 May 31, 2012

Copy link to clipboard

Copied

Form what I understand they should go as far as the detailed blog layout and not follow anything from there...

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
New Here ,
May 31, 2012 May 31, 2012

Copy link to clipboard

Copied

Hey Mario - Hey ya i know long time No see!!!! how ya been ....

Thanks for this - The captcha settings wasn't set to enforce - so i ticked it for everything . Why would it not enforce though automatically?

Also - with that meta robots thing do i place it on the blot main layout? or just on the post? and what does this do - i tried reading that doco but it was a bit confusing.

so it doesnt stop regular search bots from following???

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Mentor ,
Jun 03, 2012 Jun 03, 2012

Copy link to clipboard

Copied

Heya, it's not forced automatically because some clients use V1 captcha and we can't break the backwards capability.

As for the meta noindex/nofollow, you can place it inside the overall blog layout.

Cheers,

-m

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
New Here ,
Jun 14, 2012 Jun 14, 2012

Copy link to clipboard

Copied

Thanks again for your help mario

I have tried the captcha thing (turning it on) but still getting some spam so I am looking into trying the No Index no follow

The thing is I was researching it and it looks like if I used the <META NAME="ROBOTS" CONTENT="NOINDEX, NOFOLLOW"> that would stop search engine bots from indexing the blog posts??  Would that mean that the website would not get the SEO benefit from all posts? http://googlewebmastercentral.blogspot.com.au/2007/03/using-robots-meta-tag.html

I am not sure if I am correct on this does anyone have any feedback on this?

Is there any other way to try and stop bots from filling out the comments? seems these ones are either human or bypassing the captcha still ..... hmmmm

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Mentor ,
Jun 14, 2012 Jun 14, 2012

Copy link to clipboard

Copied

There have been several reports in past two weeks of the captcha being compromised. The dev team is currently looking at the fix. No ETA on it yet. Please PM me the blog URL though.

-m

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Community Beginner ,
Jun 15, 2012 Jun 15, 2012

Copy link to clipboard

Copied

I have clients coming at my left right and centre as there has been a massive amount of #paydayloans etc coming through, they don't end up in your unapproved ... it's a little odd. I have heaps on my own site too but they don't show on the blog, in the unapproved but do in the live feed. Is there anything happening at the moment to stop the blogs being exploited?

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
New Here ,
Jun 15, 2012 Jun 15, 2012

Copy link to clipboard

Copied

Thats the same with my clients blogs - its the Pay day loans - every day!!!!! sometimes twice!!

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Community Beginner ,
Jun 16, 2012 Jun 16, 2012

Copy link to clipboard

Copied

Yep, the payday loans are the most frequent blog spammers I'm seeing every day.

I would like to try removing the 'website' field from the comments form to see if deters them, but can't find any way to do this 😞

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Explorer ,
Jul 18, 2012 Jul 18, 2012

Copy link to clipboard

Copied

Same here Pay Day Loans has cracked the syetem and has done so for a long long time. I just deleted the comments code  from yet another clients blog just this morning to stop it happening. They are not the only ones but one of the more common and it has been quite heavy in the lst few months.

We have also seen a lot of falsified System Messages made to look and feel like a message coming from the partner portal. Basically these false emails are trying to probe for access details and trying to get you to login into a false site. We reported this early last year but never got a response from BC about it. It has been a while now since we have seen one or had one reported by a client but I am sure they are still going on.

I do not think the setup of the BC addressing is very smart either. By having every site retain a public link being http://mybusinessname.businesscatalyst.com allows for spammers to very easily do a search for every site hosted in BC and then sytematically start hacking all. Try typing in .businesscatalyst.com into Goggle and see the scary listings start to appear.

I have heard of spamming farms being setup out of Asia so the cheap 'human' element just goes and spam by hand all day long (what a life).

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Participant ,
Jul 18, 2012 Jul 18, 2012

Copy link to clipboard

Copied

I doubt anyone has to resort to a captcha farm to beat business catalyst. Just looking at the captcha they serve and comparing it to any other captcha currently in existence should make it obvious that the BC platform wasn't built with the intention of taking users' security seriously.

Matthew_Wooler wrote:

Same here Pay Day Loans has cracked the syetem and has done so for a long long time. I just deleted the comments code  from yet another clients blog just this morning to stop it happening. They are not the only ones but one of the more common and it has been quite heavy in the lst few months.

We have also seen a lot of falsified System Messages made to look and feel like a message coming from the partner portal. Basically these false emails are trying to probe for access details and trying to get you to login into a false site. We reported this early last year but never got a response from BC about it. It has been a while now since we have seen one or had one reported by a client but I am sure they are still going on.

I do not think the setup of the BC addressing is very smart either. By having every site retain a public link being http://mybusinessname.businesscatalyst.com allows for spammers to very easily do a search for every site hosted in BC and then sytematically start hacking all. Try typing in .businesscatalyst.com into Goggle and see the scary listings start to appear.

I have heard of spamming farms being setup out of Asia so the cheap 'human' element just goes and spam by hand all day long (what a life).

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
New Here ,
Jul 20, 2012 Jul 20, 2012

Copy link to clipboard

Copied

Just how long should it take to replace the Captcha module with one that is harder to crack? This has been going on for SIX WEEKS.

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
New Here ,
Jun 18, 2012 Jun 18, 2012

Copy link to clipboard

Copied

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Mentor ,
Jun 19, 2012 Jun 19, 2012

Copy link to clipboard

Copied

Everyone, please make sure that you have this setting enabled:

Captcha.jpg

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Community Beginner ,
Jun 19, 2012 Jun 19, 2012

Copy link to clipboard

Copied

Thanks Mario though the one that is getting the most payday loans spam already has that setting ticked ... can you help out with any other suggestion?

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Mentor ,
Jun 19, 2012 Jun 19, 2012

Copy link to clipboard

Copied

Then it must have been compromised and the bots have found a way around it. I know that the dev team is looking at the was of tackling this at the moment, so please followour blog for further announcements on this issue.

Cheers,

-mario

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Guest
Jun 29, 2012 Jun 29, 2012

Copy link to clipboard

Copied

We are getting it as well from "cash advance loan".

Our site: www.lechameauUSA.com

The spammer's email: fkokooeelel@gmail.com. I can forward you the customer comment form if it would help.

Chuck

(And yes, I have CAPTCHA activated and the settings are enabled.)

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Participant ,
Jun 29, 2012 Jun 29, 2012

Copy link to clipboard

Copied

in addition to a better captcha, how about access to a spam blacklist (like akismet?)

also is there an option to just filter out bbcode/html from comments by default?

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Community Beginner ,
Jun 30, 2012 Jun 30, 2012

Copy link to clipboard

Copied

We have had the same problem with all our sites and decided to change them to use the Facebook comment module. We are probably losing a few commenters, but most customers prefer genuine comments over trolls and spammers.

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines