Confidential to my crapflooder

Although you’re getting rather tiresome (15 minutes of unsuccessful attempts to post a comment would be an experiment; two hours is just misplaced faith), I wanted to tell you that searching my weblog for “nonce” after an hour and a half of failures was hilarious. You brightened my afternoon with that one!


Comment by Jacques Distler #
2004-01-21 17:13:19

Damn, Phil! You get all the fun.

They’ve completely given up on visiting my site. I feel almost … lonely.

Comment by Phil Ringnalda #
2004-01-21 17:36:44

Don’t go giving yourself credit for that thirty seconds of internal server error, either. New FTP program, thought it ought to send .htaccess as binary. Twits.

Comment by Phil Ringnalda #
2004-01-21 18:32:24

Amazing how many ways a crapflooder has to win, and how few his targets have. It just occurred to me that the reason my comments suddenly dropped off was that nobody wants to get too close to someone waving a red cape in front of the GNAA. Sure, they don’t actually manage to flood me, but that’s no reason for you to be a nice fat target when they get tired of failing to flood my comments. Hmmm. See you all on the other side of this, I guess :)

Comment by Sam Ruby #
2004-01-21 19:10:06

Three guesses who currently ”owns” the term nonce, from a Google perspective.

I’ve also gotten a few queries on ”movabletype nonce” and ”nonce movabletype”, both of which I also seem to own, compliments of Jacques.

Let the countdown begin…

Comment by Phil Ringnalda #
2004-01-21 19:25:57

I’ve developed such complete faith in Google working the way I expect it to that I didn’t even bother checking, or linking to your post (though I thought about it, just to give you the chance to gather your own crapflood data).

Maybe you’ll still get to, if Jacques ever lets him out.

Comment by Jacques Distler #
2004-01-21 20:20:09

I have to say I quite enjoyed my bit of data collection. I’ll let y’all know what comes of it.

But there are more lowlifes where he came from. I suspect we (you? me? Sam??) have not seen the last of them.

But I wouldn’t worry about the rest of the commenters. They’ll return when the shitstorm blows over. Which, I expect, will be real soon now.

Comment by Jacques Distler #
2004-01-22 10:14:20

I guess I have that magic touch, Sam. Guess who ”owns” throttle MovableType?

Comment by Adam Kalsey #
2004-01-21 23:15:54

What the hell, I already have comment spammers pissed off at me and trying to hack my server. Might as well join the fun here too.

What fascinates me is that these children spend like to point out how slow and stupid we are, but they have yet to notice that they could flood blogs in a way that we couldn’t stop. These uncreative little nonces (in the slang sense) can’t seem to think their way past convention. When I was a kid, thinking outside the box was encouraged among digital miscreants. What are they teaching in school these days?

And no, I’m not going to post the method here or anywhere else. Do I really look that stupid?

Comment by Adam Kalsey #
2004-01-21 23:19:49

I really should read my posts before I submit them. Then I might actually post valid, well-formed English.

Comment by Phil Ringnalda #
2004-01-21 23:44:01

I try, and I try. I force you to preview, and look what you give me!

I do that so much, start one sentence structure, decide I don’t like it, and leave that one stray word in the middle.

And yes, I know several ways to get past my weak defenses, plus the thing you’re probably thinking of. Long run, I just can’t seem to think of anything other than moderating anything we aren’t sure of, so that nothing ever shows up for people who annoy us, and they eventually lose interest (at least, I’d get tired of submitting thousands of comments with no visible effect).

Comment by Jacques Distler #
2004-01-22 07:47:48

Hey Adam!

Welcome to the party.

There’s no getting around the fact that we can always be DoS’ed by a determined attacker. The best we can do is make our software a little more robust, and hope our attackers are not that determined (or, in this case, not that intelligent).

Comment by Jeremy Bowers #
2004-01-21 19:21:12

For my tentatively planned ’blog platform, I intend to partition off the comments behind some kind of /comments URL and instruct search engines not to crawl that directory via robots.txt.

Maybe it’s time the blog developers start doing this; blog Google juice is too tempting, otherwise.

Comment by Phil Ringnalda #
2004-01-21 19:31:21

You don’t even need to bother with robots.txt – just put a query string including (foo_)id=, especially with a six-or-more digit number behind it, between bots and your comments. It’ll take you right back to the way things used to be done, with comments always in popups, usually fired off with Javascript, and please roughly half of the people currently spamming/flooding weblog comments. Even among the people spamming, not just crapflooding, a large part of why they are doing it is because they are pissed off at us. Spend months designing a static spam site to sucker Google in, and some jerk with a blog happens to title a post with your keywords and jumps right to the number one position. They aren’t just attracted, they’re jealous, and if you give up your pagerank, or give up on transferring in through comments (I’ll be giving you a tiny bit, as thanks for commenting), then they win.

Comment by Phil Ringnalda #
2004-01-21 19:43:49

Though, when you get right down to it, I have noticed some bloggers (not here but elsewhere) who are basically spamming Google, Technorati, and whoever else might be watching, by leaving six word comments on every blog they can. I know quite a few people who I only found through the comments they left, here and elsewhere, and who built up a reputation based on those comments, that then transferred over to their own blog, but I can easily picture that getting out of hand, too.

Comment by Luke Hutteman #
2004-01-21 21:59:29

Phil, I could not agree more.

I was tempted to have the line above be this entire comment, but wouldn’t want to build a reputation…

I’ve had those type of comments several times on my blog and typically treat them like I do blogspam: delete and blacklist them. Just because the spam may be done manually doesn’t make it ok, it’s still spam.

A weblog-comment-system is not a free-for-all enhance-your-pagerank system. Anyone who treats it that way will simply be out of luck if they later decide to try and leave a real comment.

Comment by Phil Ringnalda #
2004-01-21 23:46:22

Heh. Your blog is one of the places is was thinking of, since I’m subscribed to your comment feed. Some of those comments just don’t seem quite right.

Comment by Laurabelle #
2004-01-26 19:12:08

One of the nice things about being unpopular is that I have been completely oblivious of the high-volume attacks… No one cares enough about me to bother.

On the other hand, I have gotten a handful of comments that clearly had no purpose other than to create a link from my site to another. Those were all concentrated on one entry, and after I closed comments on that entry, I haven’t gotten any more.

For what it’s worth, I now have a comment policy that states my opinion of content-less posts, meaning that I will delete them immediately and without notice.

Comment by Phil Ringnalda #
2004-01-26 20:26:37

I was going to reply here, but the textarea was getting too small, so I went over to an entry instead ;)

You did come here after installing Jacques’ throttle patches, right? Please tell me you did, since one of the very best ways to get yourself noticed by a crapflooder is to comment with a link in this post, or one of Jacques’. Since they are doing it for the attention their mommies didn’t give them, and we give them some (telling them all the while, correctly, that they are stupid and useless and couldn’t code their way out of a Hello World, but attention none the less), they are worse about checking our comment threads than a brand new blogger checking his SiteMeter stats. Better get that throttle in, and turned down low.

Comment by Sean Conner #
2004-01-23 18:54:14

No need to do all that, just stick the comments on their own page, and put <META NAME="robots" CONTENT="noindex,nofollow"> in the <HEAD> section and be done with it. Most robots I know of (and definitely Google) will honor those tags. I’ve used them to control indexing of my own blog to great effect.

Comment by Jacques Distler #
2004-01-23 18:01:08

Could it be that the Crapflooders actually have a life? Here it is, Friday night, and a deathly silence hangs over the joint.

Naw. That seems terribly unlikely.

Maybe it’s that flu that’s going around. Can’t see straight to use the keyboard…

Trackback by Musings #
2004-01-21 20:41:02

One Down

So I finally did get visited by one of the Crapflooders. Phil was visited by the same fellow earlier in…

Trackback by Eclectic Echoes #
2004-01-25 15:23:52

FloodMT Crapflooding, Trackback-flooding and Whining crapflooders

It’s almost funny, in a wierd twisted sort of way… Recently the comment spam problem for MovableType users escelated when some script kiddies released an automated comment spammer. The site hails it as: the first integrated solution for tes…

Trackback by Eclectic Echoes #
2004-01-27 00:53:56


It’s almost funny, in a wierd twisted sort of way… Recently the comment spam problem for MovableType users escelated when some script kiddies released an automated comment spammer. The site hails it as: the first integrated solution for tes…

2004-01-29 02:09:42

One happy, one sad

Two things before breakfast, one happy, one sad. Happy: Downloadable MP3s from The Paris Review – including a great story by George Plimpton, read by himself. Sad: Weblog DDoS attacks, happening in the wild. not only there but here, and…

Trackback by Burningbird #
2004-01-29 03:02:32

Stepping Stones to a Safer Blog

edited In the last few weeks, I’ve been hit not only by comment spammers but a new player who doesn’t seem to like our party: the crapflooders, people who use automated applications (you may have heard of the program called ”MTFlood” or some variation)…

Trackback by Electric Venom #
2004-01-29 18:51:46

Calling All Techies: Help?!

I received a notice from my hosting company today indicating that my site has caused their server load to jump to over 200, in particular the mt-comments.cgi and other scripts used to run MT. They’ve already moved me to a different server, but I’m abou…

Name (required)
E-mail (required - never shown publicly)
Your Comment (smaller size | larger size)
You may use <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <code> <del datetime="" cite=""> <dd> <dl> <dt> <em> <i> <ins datetime="" cite=""> <kbd> <li> <ol> <p> <pre> <q cite=""> <samp> <strong> <sub> <sup> <ul> in your comment.