Spam, the Novel

Here at McHenry County Blog, we have been working hard to provide citizens with interesting and informative community and political news for almost ten years.

However, being the area’s “go-to” political blog comes at a price, both in the amount of dangerous traffic that we receive, and attempts by those who don’t like what we have to say and would enjoy silencing us.

One of the things that makes this blog so useful to the community is that it allows solely anonymous comment on its news stories, thereby providing means for unrestrained discourse on a wide range of issues.

We do not and will not stifle your thought in any way, except that, as this is a family-friendly blog, we do reserve the right to edit or delete obscene or objectionable comment.

But that comment is always 100 percent anonymous.

No user registration, no tracking of any kind takes place.

As this is so, there is a need to filter out “spam” – comments from those who would like to sell you Ray-Ban sunglasses, Viagra, feminine hygiene products and the like.

While we believe wholeheartedly in the free market system, we do object to the behavior of those who would place ads for products in article comments without our consent and without compensating us.

This is known in the web publishing industry as “comment spam” and it is a big, big, problem.

To combat this, we have put in place several methods to winnow out automatic posters from the real, live, breathing ones.

The first spam blocking tactic in place rejects comments that are made too quickly.

The reasoning behind this is that since a spammer uses automated responses, if subsequent comments are made rapidly following an initial comment then that commenter is most likely a spammer.

Research shows that humans take more than 10 seconds, at least, to fill out forms.

If a user takes 4 seconds or less to fill out a form they are not human and are denied.

The other spam block in place on this site is to deny access to comments when there are 5 comments made in less than 3 minutes.

Since spammers try to hit a site over and over again, and this site allows anonymous comments without need for CAPTCHA recognition, if more than 5 hits in 3 minutes are made from one IP address, the input will be ruled as spammy and stopped, added to the list of bad addresses and shown a challenge page to continue posting.

When regular users complain of these types of blocks, we are able to add their IP address to a “known good” list that will bypass these checks.

The problem with this is that Internet service providers will typically assign different addresses to their users upon reconnection or every few days.

If a user is using a mobile device to connect to the Internet, their assigned IP can change each time the device reconnects to the Internet or switches between wi-fi and cellular service.

There is another type of blocking action that is in place to protect the site from attack.

Without getting overly technical, it is possible for an no-goodnick to send commands through a web browser that could compromise the site in several different ways.

This is known as “SQL injection” and is one of the modes of attack that has caused so much financial and data loss at major commercial websites that have been in the news lately (as well as many, many more that you haven’t heard of).

This type of attack is prevalent in 2015, and is difficult to detect and prevent.

Attackers using this method successfully can do various nefarious things ranging from destroying websites or accessing private data to injecting spam advertising into websites.

It is probable that this block can be triggered by one of our users by innocently sending a malformed header, in other words, by an incomplete page request sent in error.

We do whitelist the IP address associated with this type of block after we are sure that it is truly not an attempt to subvert our site, but as I have noted above, that address is likely to change and so could still be triggered again.

As our site allows unregistered anonymous comment with no checks other than the spam traps I have just described, it is likely that there will always be some low degree of legitimate activity blocked as spam behavior.

The alternative is to have a site overrun with illegitimate content that would take much more effort to police and remove.

If you have been affected by our spam traps and can’t get resolution from our automatic systems, please don’t hesitate to contact me at admin@mchenrycountyblog.com.


Leave a Reply

Your email address will not be published. Required fields are marked *