Friday, June 16, 2006

Reduce Spammers

In the last several months, my personal website was hit by spammers everyday (in guestbook section). It's because the hosting services disabled the GD library and it will be enabled again if we upgraded the basic package to professional package. I used GD to make small (and simple) CAPTCHA code to prevent bots to fulfill my guestbook. Since then, i make a simple validation based on blacklisted IPs, but it wasn't effective as well, since they can use open proxies and they can do IP Spoofing using tools that are available on the Internet.

Last month, my account on the hosting services was expired and then we changed to my friend's hosting service and i asked him about the GD status and he said that it is enabled, so yesterday, i re-upload the code to enable CAPTCHA code in my guestbook to reduce spammers. I know somehow, they can broke it, but at least, it has been drastically reduced for now and i'm pleased with that, since i made the code by myself (with some help of PHP Manuals). I know that there is a PEAR extension for CAPCTHA, but i don't know whether the PEAR is installed or not, so for safety, i just create some simple code but it worked (at least for my case). I will also find better code with simpler technology to be implemented soon.

Next step is to implement the same code in my writings where visitors can give their comments on my articles that i wrote.


  1. Hey Willy,

    Wordpress comes with askimet, which is very effective in reducing spam in my comments (I never had a spam msg eversince I started my weblog on wordpress). Maybe the structure of the programme might give you ideas about how to work around the problem.

    Another thing I read about is the way sites work around the the lettercode issue: some sites require a person to register, within the form they have a field, similar to the one below this window and they ask you to retype the letters. In real it's the lettercombination of the site which is spamed. This way the spammer works around the letter combination thing.. Nothing you can do about this :) smart spammers ;)

  2. i know, since i have a domain which uses WP (, but sometimes it returns a false positive also, so all i need is just to prevent spammers. If i use kismet, it may solve my problems, but it may also bring another problem (since i have to 'teach' akismet to learn about the whitelist and blacklist of the spammers).

    as for now, CAPTCHA code is working and i'm quite satisfied with that :D

  3. Just curious, how many spams did you get everyday?
    Last time, I received about 30 - 40 spams everyday. After installing askimet, they suddendly disappeared... :)

  4. if you using WordPress, you can install 'spam karma' it's a nice tool to reduce spam. I'm using it on my blog now and it's quite efective.

  5. maybe up to 10 spammers, but sometimes more. aKismet and SpamKarma are nice tools, but unfortunately, it can only be used in WordPress. If i want to apply it on my website (which i made it by myself), then i have to look on the code and modify it to suit my need and it will take so much time for that :D