Web developers trying to control comment-spam, bandwidth-theft, and content-scraping must choose between two fundamentally different approaches: selectively deny target offenders (the "blacklist" method) or selectively allow desirable agents (the "opt-in", or "whitelist" method). Currently popular according to various online forums and discussion boards is the blacklist method. The blacklist method requires the webmaster to create and maintain a working list of undesirable agents, usually blocking their access via htaccess or php. The downside of "blacklisting" is that [...] • Read more »
Perishable Press
WordPress, Web Design, Code & Tutorials
- Viewing the last of 3 pages
- View newer posts →
- Visit the Archives
Industrial-Strength Spamless Email Links
In our previous article on creating spamless email links via JavaScript, the presented method, although relatively simple to implement, is not the most effective solution available. Spambots, email harvesters, and other online scumbags relentlessly advance their scanning technology, perpetually rendering obsolete yesterday’s methods. In the case of spamless email links created client-side via JavaScript, many spambots now are able to decipher certain email addresses hidden within the JavaScript code itself. Spambots scan JavaScript for keywords such as [...] • Read more »
Disobedient Robots and Company
In our never-ending battle against spammers, leeches, scrapers, and other online undesirables, we have implemented several powerful security measures to improve the operational integrity of our perpetual virtual existence. Here is a rundown of the new behind-the-scenes security features of Perishable Press: Automated spambot trap, designed to identify bots (and/or stupid people) that disobey rules specified in the site’s robots.txt file. Automated disobedient-robot identification (via reverse IP lookup), admin-notification (via email) and blacklist inclusion (via htaccess). Automated [...] • Read more »
Block Spam by Denying Access to No-Referrer Requests
What we have here is an excellent method for preventing a great deal of blog spam. With a few strategic lines placed in your htaccess file, you can prevent spambots from dropping spam bombs by denying access to all requests that do not originate from your domain. How does it work? Well, when a legitimate user (i.e., not a robot, etc.) decides to leave a comment on your blog, they have (hopefully) read the article for which [...] • Read more »
Spamless Email Address via JavaScript
Let’s face it, spam sucks. Give spammers the figurative finger by using this nifty bit of JavaScript to hide your email address from the harvesters. Here is an easy “copy-&-paste” snippet for including a spam-proof email address in your web pages. Although there are a million ways of doing this, I am posting this for the record (and because I just can’t stand deleting usable code). This technique uses JavaScript, and therefore is not 100% ideal for [...] • Read more »
Protected: Password Monkey
There is no excerpt because this is a protected post. • Read more »
Phish Phight
I love reading these things.. Your online credit card account has high-risk activity status. We are contacting you to remind you that on March. 13, 2006 our Account Review Team identified some unusual activity in your account. In accordance with Chase Bank’s User Agreement and to ensure that your account has not been compromised, access to your account was limited. Your account access will remain limited until this issue has been resolved. We encourage you to log [...] • Read more »
Phish or Die
Ahh, the joys of stealing from people… Dear Customer Of The WellsFargo Internet Banking ? We Have Noticed That Your Wells Fargo Online Bank Account Needs To Be Updated, because we have made a new updates on our online banking service and we lost some information of our customer online banking accounts, we are sorry for that but you should update your Wells Fargo online bank account. To verify your online account and access your bank account, [...] • Read more »
Pathetic Phishing Attempt
For a good laugh, consider the following email message: Subject: Attention! Several VISA Credit Card bases have been LOST! Good afternoon, unfortunately some processings have been cracked by hackers, so a new secure code to protect your data has been introduced by visa. You should check your card balance and in case of suspicious transactions immediately contact your card issuing bank. If all transactions are alright, it doesn’t mean the card is not lost and cannot be [...] • Read more »