Yabfog

This is a follow-up to a previous post about trackback spam.

I've noticed in my server logs that many spammers are still trying furiously to leave trackback spam at the default address. Since that address doesn't exist, they simply get 404 errors and try again. I already was using a custom error page, and now I've implemented a method to ban any IP address that repeatedly calls any script in the htsrv directory that generates a server error (e.g., 404 Not Found).

Here's the script: checkban. I call the function checkBan from my error document. I also intend to call it from other scripts (see BlockUntrustedVisitors) .

You'll also need to add something like the following to your .htaccess file to use this custom error page:

ErrorDocument 400 /blog/error.php?400
ErrorDocument 401 /blog/error.php?401
ErrorDocument 403 /blog/error.php?403
ErrorDocument 404 /blog/error.php?404
ErrorDocument 500 /blog/error.php?500

My forum post: here.

As of its most recent version, b2evolution has a problem with trackback spam. Several b2e users (including Whoo and Graham) have suggested renaming the directory that contains (among other things) the trackback script. In theory, this should eliminate spam from bots but should not effect legitimate commenters and pingers.

Here's a perl script I wrote to automate Whoo and Graham's suggestion: hidehtsrv.pl. I suggest creating a cron job to run hidehtsrv.pl periodically. Note: this script requires another of my perl scripts, randpass.pl, a pseudo-random string generator.

Here's a b2evolution forum thread about trackback spam, and here's a b2evolution forum thread about why renaming is effective.

See also my post about comment and referrer spam and my b2evolution forums post about this solution.

Walter Cruz told me about MySQLicious, which mirrors your del.icio.us bookmarks in a MySQL database. I think it works much better than my previous del.icio.us sidebar solution, which used Magpie to snarf the del.icio.us RSS feed and built the sidebar item from the RSS feed.

Here's the setup as I'm using it:

1. Setup MySQLicious according to its instructions, but ensure that you use the same database that you use for your b2e installation.
2. Copy _mysqlicious.php to your preferred location (I put it in the same directory as my theme files).
3. Modify your _main.php file to call _mysqlicious.php as a sidebar item. Two variables ($deliciousUsername and $MySQLicious_Table) must be set. In addition, you may set a third variable, $MySQLicious_items, which determines how many bookmarks will be displayed.

Note: Ensure that your MySQLicious setup complies with the del.icio.us rules of usage so you don't get banned.

Here's the b2evolution forum thread.

Similar to the change I made to the blosxom categorylist plugin, I modified b2evolution's category list module to only list a category if there are posts in that category. I also inserted a space between the checkbox and the category item.

This change goes in the file: {YOUR_BLOG_ROOT_DIRECTORY}/skins/_categories.php

Here's a running tally of the diffs.

And here's my post on the b2evolution forums about this.

Blog spam is becoming a serious problem. This site has been up for less than a month, and already I'm annoyed by one type of blog spam: referral spam. Another kind is comment spam or trackback spam. Good discussion and some suggestions are on the b2evolution forums here, and my referral spam solution is here.

del.icio.us seems like the greatest thing right now. It's a social bookmark manager.

I'm using the following code right now to include a random set of my del.icio.us bookmarks on this page. Discussion here.
Read more »

I've made a TrackBack Ping Bookmarklet for Firefox -- and mine actually works! Others I've seen don't use the "post" method, which is required by the TrackBack specification. Here's my TrackBack Ping Bookmarklet. Drag it to your toolbar. Select the URL to which you want to send a TrackBack Ping, then click the Bookmarklet. Fill in your blog information, and click the button. TODO: Add a method to pull your blog information from the TrackBack RDF you should have on your permalink page.