Easy End to MT Comment Spam
19 Jul 2004
When I first started getting comment spam, I thought I could delete it manually. I didn’t realize how much I already had. When hours of manual deletions weren’t enough, I googled “comment spam” and found MT Blacklist. It’s a brilliant plug-in that allows MovableType users to deny comments from known spammers as well as easily delete from the database existing comments posted by spammers.
This is all well and good, but it depends on the blogger regularly updating his spammer definitions and then running MT Blacklist to remove newly posted spam. It’s certainly way better than deleting it all manually, but it’s far from automatic at this point, and it’s still a big pain.
I was quite pleased then, to discover another, simpler solution, which when used in conjunction with MT Blacklist should keep your Movable Type blog pretty much spamless:
…Spammers have automated scripts that look for Moveable Type blog sites and they then post to our comments using a direct call to the “mt-comments.cgi” script. If you installed Moveable Type into the default directory (/mt) then they know exactly where the script is and how to call it.
The solution is simple: rename the script to some odd name (ex. qwerty.cgi) and edit your mt.cfg to point to the renamed CGI script. Look for the line that is commented out and reads “# CommentScript mt-comments.cgi”. Uncomment the line and change the name of the script to the new name. You need to rebuild the site before it takes effect. Users will not be able to post comments while you are doing this but the entire process only takes a few minutes.
I made this modification about three weeks ago and have not had a single comment spam since then. [source]
Don’t forget to rebuild! Your comments won’t work until you do.
Granted, this is not a permanent solution, but it has drastically reduced my own comment spam, and I’ll take the break from comment spam as long as I can have it!