On Sunday, WebCommons launched a new awards program called the WebCommons Spambot Awards, dedicated to recognizing those entities responsible for the spambots that continually attack our websites, as well as entities, tools and techniques that help us deal with them.

Today we’ll focus on Category 2 – ISP least responsive when dealing with reported spambots.

As web administrators, sometimes we have to deal with a lot of spambots hitting our sites from a single ISP (albeit usually from many different IP ranges).  And so we may tend to write an e-mail to their abuse department to complain about it.  If we’re new to doing this sort of thing, we quickly realize that we have to send a significant amount of evidence for the spambot attack, or else there’s no chance of the problem being dealt with.

This evidence always includes all the relevant entries from the access logs, from the first request to the last, before the site traps them.  Also, since I track post variables, I can show the ISP what data the spambot was attempting to input in registering a “user”, for instance.  I even usually provide some analysis of what I’ve sent.

After sending a complaint e-mail, what usually happens is the ISP sends back an automated response, usually saying that as long as you sent them a proper degree of evidence, they might look into the matter.  And perhaps many of them do, quietly working behind the scenes to ensure that the particular spambot(s) you reported can’t strike again.  Rarely, you’ll get an e-mail back explicitly thanking you for the report or asking for more information about the incident.

To me, what makes an ISP especially unresponsive is that on top of not providing an explicit response that they’re looking into the problem, and just shooting off automated responses to complaints, they do nothing about it and you see spambots from the same or similar IP addresses from this ISP hitting you over and over and over again.  When you realize that a particular ISP really doesn’t seem to care that their users are attacking your websites, that reaches the level of nomination for this category.

If you have been a web administrator for any significant length of time, surely you can think of one or more ISPs that have been unresponsive in this regard (I nominated one ISP myself).  So, please nominate one to five of them in responses to this post, or in responses to the original awards program post.  Or in an e-mail directly to us.

Thank you very much for your participation!

On Sunday, WebCommons launched a new awards program called the WebCommons Spambot Awards, dedicated to recognizing those entities responsible for the spambots that continually attack our websites, as well as entities, tools and techniques that help us deal with them.

Today we’ll focus on Category 1 – Internet Service Provider (ISP) responsible for the most bothersome spambots you see hitting your sites.  (Please don’t include purely hosting/cloud entities.)

As web administrators, surely the most troublesome originators of spambot are the ISPs, as we can’t ordinarily treat them the same way as we would treat the hosting companies — that is, blocking is almost never the right choice, as you could end up blocking real human visitors to your site.  Real human visitors are the ones who leave bona fide comments and click your ads.  So yes, we need ‘em!  Turning them into blocking “false positives” can only diminish the reputation of your site.

Now, that doesn’t mean that blocking an ISP is always the wrong approach.  If you’re running a English language U.S. site and you’re getting a lot of spambot hits from a particular Russian ISP, then perhaps it really does no harm to block the IP ranges of that particular ISP.

Anyway, so since blocking is a last resort, we have to come up with other clever ways to defeat them, using approaches such as questions or captchas, or using smarter form processing that requires a real human to intervene, or at least detects a robot through its usually strange behavior.  It may even make sense to trigger a short-term block to shoo the spambot away.

If you have been a web administrator for any significant length of time, surely you can think of several ISPs that have delivered the most or the most bothersome spambots to your sites (I nominated four ISPs myself).  So, please nominate one to five of them in responses to this post, or in responses to the original awards program post.  Or in an e-mail directly to us.

Thank you very much for your participation!

It just occurred to me that in the world of webmastering (OK, website administration), we apparently have no annual recognition in the industrious field of proliferating those delightful creatures called spambots.

In my experience administering websites, it’s not real human spammers who are causing the big problems of spam in blogs, forums, etc. — it’s the automated spam delivery robots.

• They break your captchas, and thus are leading to captcha designers making them nearly impossible to read by real humans (esp. those with older, deteriorating eyes like mine).
• They register for your blogs or forums, using fun e-mail addresses like dildoman2352@gmail.com (or anything@.ru), filling in numeric fields with text, setting the preferred timezone to -12 (where nobody lives), and then they lurk until they find the juiciest time to leave their spam droppings.
• They screw up your logs with fake referrers, apparently believing that showing Russian sites to American webmasters is such a great way to advertise.

You get my drift.  And I’m sure you have plenty of additional examples if you’ve been running any websites for any significant length of time.

So, I thought it would be sick (in the good, dark comedy sense of ‘sick’) to have an awards program for our friends, the spambots, and their enablers (and of course, the good guys who help us stamp them out).  I wanted to dub this program “The Spammy Awards” or “The Spammies”, but a quick Google search foiled that.  So, I decided to call this extravaganza “The WebCommons Spambot Awards”, or “The Spambotties” for short.

Because this is kind of a spur-of-the-moment thing, I just threw together ten categories for the first annual awards.  So that the second annual awards are more complete, I’ll have a nomination category called “Most obvious missing nomination category for the Spambotties “.  We’ll take nominations for two weeks, then present a series of polls to determine the winners and runners-up.

What’s the award for the winners?  Well, in the bad categories, it’s global damnation by website administrators (which will have to be enough because I really don’t want the legal exposure of shipping feces through the mail).  In the good categories, it’s a big ol’ pat on the back by millions.  Who doesn’t want that?  (maybe next year we’ll have real prizes… heh)

See the nomination categories after the jump…

Read the rest of this entry »

Due to GoDaddy’s recent support of the anti-Internet, anti-free-speech, pro-entertainment-industry-greed legislation called SOPA (PIPA in the Senate), and their abrupt but lackluster and unconvincing reversal, WebCommons today started transferring its domains to other registrars.

For starters, today, WebCommons.biz (this site) and MetroIssues.com (Louisville History & Issues) were transferred to gandi.net, a French registrar that is being recommended by many in the Internet community for its hard anti-SOPA stance and its quality of service.  It also doesn’t hurt that they’re offering $8 transfers with free whois privacy and a 1-year SSL certificate.  It especially doesn’t hurt that the U.S.-based Electronic Frontier Foundation (EFF) has its domain registered there — to me, this is a great vote of confidence!

If you have domains registered at GoDaddy, will you join me in transferring away and sending a message to GoDaddy and all other past and present supporters of SOPA that this sick, unAmerican legislation needs to be destroyed, buried and the earth salted where it lays?  At the last link above, the EFF makes registrar recommendations.

UPDATE: By some holiday miracle (well, the flip of a switch), Louisville History & Issues is now back online.  But if SOPA is passed, it and many other websites you know and love could be doomed.  Stop SOPA now!

The Stop Online Piracy Act has just claimed its first victim, our own public discourse site Louisville History & Issues.

Here’s an excerpt from the takedown info at the site:

…under SOPA, the copyright owner in question could have this site SHUT DOWN … get this… BEFORE this site’s owner has a chance to respond to an infringement notice, creating undue burdens which could lead to the site staying down permanently. Therefore, anyone who has a problem with this site could effectively shut it down, which is an obvious tampering with FREE SPEECH on the World Wide Web.

Even if you don’t like this site, think about all the sites you love, or even like. They can go BYE-BYE if this BAD LAW passes. Bye-bye YouTube. Bye-bye Facebook. Bye-bye any local sites that you love. And bye-bye to the Web as we know it today.

Sadly, this BAD LAW boils down to GREED in the American entertainment industry. In order to go after piracy, which is certainly a bad thing, they want to trample over your free speech rights and threaten the existence of the web itself. They want to turn the web into content streams UNDER THEIR FULL CONTROL. They want to DESTROY independent websites.
DON’T. LET. THEM.

What action can you take to avoid this BAD LAW going into effect? Simple. Contact your members of Congress (House / Senate) and tell them to KILL SOPA and any other legislation like it, then BURY IT AND SALT THE EARTH (it’s *that* bad, really). Tell them SOPA tramples on free speech, destroys the web as we know it, and therefore it’s UN-AMERICAN.

Of course, this takedown isn’t really happening.  It’s merely a warning of what could happen.  After 24 hours (3:40 PM ET Thursday), the site will be back up.

But still, do you want this to actually happen to any of the websites you care about?  If the answer is no, please take action.  As soon as you can.  This bad legislation must be destroyed before it gets any legs.

I thought I’d just drop a few lines as to what’s going on technically with this blog.

Well, as I alluded to in the last post, I would like to start blogging here on a regular basis. However, I realized recently that this site had become very stale and not exactly the best showcase for my technical skills. So, I’m revamping.

I’m adding plugins aplenty, configuring them just so, and making all kinds of tweaks to the theme. Perhaps I’ll even write posts later on to talk about all the specifics of what I did (and am still doing).

But for now, please realize that though this site is up, it’s somewhat under construction, and some pages might look funny at certain times as I try out new ideas.

How do you like the changes so far? Do you have any favorite WordPress plugins to recommend? Or do you have any changes to the theme to recommend?

I’m pretty darn open-minded right now. I want this site to shine!

Thanks for reading!