The struggle process of automatic post machine Summary of several methods of preventing rubbish Comment _ website application

This spam message has not been shut down since the day the website was opened. And this garbage posting time has a certain regularity, is generally from 9 o'clock in the morning, 10 point of time, to the afternoon before work this period of time, is the post machine to start, see out, post machine operator is also a normal work "good comrade".

From the information published by the Post machine, operators also deliberately optimize the next information content, lest the information is too rubbish, directly resulting in the posting was blocked and failed; sometimes, I look at these things and really astounding for the operators, because even I almost got confused by the threads of these machines. However, from a number of consecutive posts released from the time interval to see, some unexpectedly is the same second released! As long as you are really a personal posting, send a post on how to hit a few Chinese characters how to a few 10 seconds.

Many times, I have to admire the developers of these posting machines, some of the post machine is really strong enough, such as forgery, fake cookies for them is a small case of a pile, and some will automatically track your site changes, automatic adjustment. Cow.

From the geographical point of view, Guangdong's rubbish information is really too much, such as Guangzhou, Shenzhen, Dongguan is particularly powerful, I stand most of the junk information from these areas. See, Guangdong's economic development is really very drag, but here you should pay attention to, the content of these spam posts is mostly about smuggling, parallel products, and so on, you can think of why Guangdong has so much rubbish information.

If your site is a simple defense of spam methods, you should pay attention to see me decomposition:

1, the use of the route to determine = = failure
A lot of web site for machine post the first step is to verify that there is a suitable routing information, but a little bit of knowledge of the program, whether it is asp,php or. NET,JSP forged the routing information is easy. So this trick is basically ineffective. But there's always better than nothing. Have this verification still can guard against some low-level post machine.

2, the use of post time to judge = = failure
From the publishing page (such as add.asp) to obtain a current system time, and then the user submits information (such as submitted to addok.asp) when the user's stay on this page, if too short, for example, less than 30 seconds, then judge the machine post. This trick also failed, the post machine does not access add.asp Publish page, it directly post a current false time, make this time far more than 30 seconds, so this method also ineffective.

3, the use of cookies to limit the number of posts = = Failure
Programmers know that cookies are information about the client and can be forged. For example, you use each post success, using a program to make a cookie value plus 1, when the cookie value added to N, refused to continue posting on the same day. How does the post machine break this method? In fact, it is very simple, the post is to do is to forge this cookie, so that the value of the cookie is always 1, it will never exceed the limit.

4, the use of their own anti-spam information filtering system = = has a role
The spam keyword shielding, it can effectively curb the machine to publish malicious spam posts. But this method has a lot of limitations. It can only block posts where the message content already contains a malicious keyword, and it does not work for a disguised post.

5, the same IP day post number limit = = have a role
The use of ip-based technology to prevent post machine post, is useful, and has been tested. The specific method is: Judge the post in the same day posted in the same IP post number, if the number is greater than a value, limit its continued posting.

That someone said, can not change the IP again Ah, yes, the post machine can change the IP release, but, another IP, it means that it wants to drop a line, and the general posting machine is multi-threaded, it does so other processes are also unable to release.

To sum up, to prevent the post machine to release spam information, can not only adopt a method, if the above 5 methods of comprehensive utilization, in the prevention of spam information rampant action is fruitful. We can also according to the 3rd of the cookie transformation called session, so that the third method can also play an effective preventive role; Thus, a combination of the following three methods, you can build a more robust anti-spam information system. If you have other ideas, please feel free to contact me and leave your comments.