Attacks on blogs

Yes, there are personal attacks, I know.  I am looking for some feedback for you folks who have your own blogs about your spam situation.  I have pretty good filters, though some things slither through (and I use that verb pointedly).  I am forever clearing spam out of the fliter.

In any event, if you chime in, let us know also what you are using for your blog.  This, for example, is in WordPress, on a dedicated server.

About Fr. John Zuhlsdorf

Fr. Z is the guy who runs this blog. o{]:¬)
This entry was posted in SESSIUNCULA. Bookmark the permalink.


  1. Father: I’m cheap. I use the free web-based (I’m still using Old Blogger, I have not switched to the Google based version). I never have spam on the blog. I do have a very strong firewall and anti-virus software set up on my PC. However, I think setting so that each commenter has to input the word verification before the post goes up stops the automatic spam trollers. You can restrict commenters to only registered bloggers or group members too if you want. I don’t have Ad Sense (Ads on my blog) I don’t know if having Ads on Blogger enables spam to get through or not.

  2. dcs says:

    I use Blogger but I am thinking of switching to WordPress (I maintain a couple of WP blogs for work) if I ever get to the stage at which I am making regular updates. Spam can be avoided on Blogger simply by disallowing comments. Unfortunately Blogger doesn’t have any cool tools like Askimet Spam to filter out spam comments.

  3. Argent says:

    You could add a simple math problem as Pontificator has. The operative word is “simple”….no algebra problems, please. He uses WordPress also. Blogger, which I use, has word verification…distorted letters which are sometimes hard to read (double r’s are sometime hard to distinguish from m’s, ditto for double v’s from w’s). Comment moderation can be a headache if your time is limited (if, ha!).

  4. I have blogger, and I have word verification; that screens out most spam.

    However, every once in a while some shows up; I guess someone is posting it live. I delete it.

    Just yesterday, I noticed a new sort of spam, that worked through my site meter. I was scanning the referrals in the site meter (it’s an easy way to find out if anyone’s linked my blog, a bit of vanity on my part), and clicked on one of them. It turned out to be some sort of nonsense blog; nothing made any sense. I don’t know if it counts as spam, but there must be some reason it was there — my suspicion is that it was to get me to do just what I did. Weird.

  5. Father, unlike most other bloggers I know, I use a commercial package called Expression Engine from It’s a very powerful and extensible system that can be used for much more than blogging. It has extensive security features built in. I have image verification plus comment moderation and the combination of the two seems to work fine.

    Fr. Fox, referrer spam is particularly pernicious. Thankfully ExpressionEngine uses a blacklist to blog spammers as well so many of them don’t even get into the site. Referrer spam is used to boost their Google search ranking.

  6. Domenico: Yes, that referrer stuff is annoying. My filters catch virtually everything, however. It is interesting to read about what people are doing for their blogs.

  7. RC says:

    To get better control over the flood of junk, I had to move the sites to an Apache server I administer personally.

    That lets me customize Apache “mod_security” pattern rules to detect and block the submission of junk comments; it’s more efficient for the server than making the blog software spend time processing or rejecting them.

    “mod_security” is tricky, though: incautiously defined rules can interfere with your normal use of the blog software.

  8. Jacob says:

    I use Blogger and all the comments are sent by Blogger to my email account for moderation. Since my comment traffic is very low, it’s not a big deal. One of my readers is blind (I think) and his screen reader can’t read the word verification graphic, so moderation is convenient for both me and for him.

  9. Diane says:

    Fr. Z: I’m surprised you don’t have some kind of word verification.

    I got “baptized” only about a month in when I posted a photo of one of our priests kneeling in front of the Blessed Sacrament during a holy hour for vocations and someone posted in a lewd comment (which was actually an advertisement for something sexual). I then turned on word verification and have not had any further incididents.

    Dom: Thanks for that interesting piece of technical info.

  10. Andrew says:

    I have a blog at and since April of 2006 I received no spam, no comments, no traffic, nothing. I must be doing something right.

  11. Okay everyone! Go look at Andrews blog!! You can learn all about the latin word for \”crane\” today, so put on your crane bills and get out your Lewis & Short!


  12. Mark says:

    I found the word verification on Blogger works a trick!

Comments are closed.