Project Honey Pot Http:BL WordPress Plugin

Thaya Kareeson
Popularity: 5%

Today I would like to announce the release of the “Project Honey Pot Http:BL” WordPress Plugin. This plugin allows you to check every visitor’s IP address against the Project Honey Pot database. Using the Http:BL API, this plugin flags, logs, and blocks visitors with a high threat score, helping you prevent harvesters, spammers, or other suspicious bots from abusing your blog. I’ve been talking a lot about LoJack anti-spam measures lately and this is one of them.
This plugin requires you to sign up for a free account at Project Honey Pot so that you can use their Http:BL API to verify your visitors.
This plugin is based on Jan Stepien’s http:BL version 1.4, which is no longer being supported. This version of the plugin fixes a lot of database bugs and usability issues that the original plugin had. Here are the key benefits of having this plugin enabled.

  1. LoJack anti-spam solution with collective intelligence
  2. Easy Project Honey Pot integration. No need to mess with Apache mod_httpbl, which means that this will work on shared hosts.
  3. Ability to redirect malicious bots to a bot trap.
  4. Logging capabilities

You may find the download link below. As always, please feel free to share any comments, questions, and suggestions! Read on…


My Bot Trap in Action

Thaya Kareeson
Popularity: 14%
Updated: Jun 24, 2008


Previously I wrote a post about how to list poison email harvesters. Today I discovered that an unknown harvester/scraper bot has stumbled into one of my traps. Here is the description of the bot:

IP: 82.230.123.141
Host: bne75-7-82-230-123-141.fbx.proxad.net
User agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322; InfoPath.1)

From the log snapshot (image), you can see that the bot recursively crawled through 14464 pages, harvested anywhere between 5 - 20 fake email addresses per page (that’s about 12 * 14464 = 173,568 emails harvested), and wasted nearly 10 minutes on my site before deciding that it was done. You can see that the last link the bot visited was something that looks like this:

http://omninoggin.com/suspicious/8864/1530/7374/527/3510/9061/8198/9981/3367/1751/5075/1765/7282/4842/1710/3655/614/9951/3183/3609/3731/9430/7682/6298/2287/683/3370/5633/4187/8842/1852/5984/7767/6037/7675/3984/4646/7823/8462/1793/6556/3054/1362/3111/3407/8182/7374/169/7738/158/2802/5438/7230/9552/1384/7538/index.php

Read on…


AJAX Force Comment Preview WordPress Plugin

Thaya Kareeson
Popularity: 93%
Updated: Jun 18, 2008

Today I would like to announce the release of the “AJAX Force Comment Preview” WordPress Plugin. The plugin works like TextPattern’s built-in “force comment preview” feature by forcing your commenters to preview their comments prior to submission. In addition, this plugin is AJAX enabled, so the user does not have to reload the page to preview his/her comment. Here are the key benefits of having this plugin enabled.

  1. Comment quality will increase because users are forced to preview their comments before submitting them. Previewed comments are sent through WordPress’ various filters so that the user can see exactly how his/her comment will appear after it is submitted.
  2. A spambot will not be able to post a comment unless it actually requests a “preview” of the comment. When a preview is requested, a nonce key is generated and returned along with the preview. This nonce key must then be sent back to the server during comment submission. So in order to submit a comment, the spambot would have to use JavaScript to request a comment preview prior to submitting the comment. Most spambots do not care to preview, so this offers some level of spam protection.
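
The preview-then-submit nonce flow from item 2, as an added example in plain PHP. It is not the plugin's code: the token layout (timestamp plus an HMAC over post ID and comment hash), the demo secret, the 10-minute lifetime and all function names are assumptions.

```php
<?php
// Added illustration, not the plugin's implementation. All names are hypothetical.
const PREVIEW_TTL = 600; // seconds a preview token stays valid (assumed value)

function preview_secret(): string {
    // Constructed demo key; a real site would load a per-site secret from config.
    return 'constructed-demo-secret-not-for-production';
}

function normalise_comment(string $comment): string {
    // Same normalisation on both endpoints so harmless newline changes still match.
    return trim(str_replace("\r\n", "\n", $comment));
}

// Preview endpoint: return a token bound to the post, the exact text and the time.
function issue_preview_token(int $postId, string $comment, int $now): string {
    $digest = hash('sha256', normalise_comment($comment));
    $mac = hash_hmac('sha256', "$postId|$digest|$now", preview_secret());
    return "$now.$mac";
}

// Submit endpoint: accept only a fresh, authentic token for this exact text.
function verify_preview_token(int $postId, string $comment, string $token, int $now): bool {
    $parts = explode('.', $token, 2);
    if (count($parts) !== 2 || !ctype_digit($parts[0])) {
        return false; // missing or malformed token: no preview was requested
    }
    $issued = (int) $parts[0];
    if ($issued > $now || $now - $issued > PREVIEW_TTL) {
        return false; // future-dated or expired token
    }
    $digest = hash('sha256', normalise_comment($comment));
    $expected = hash_hmac('sha256', "$postId|$digest|$issued", preview_secret());
    return hash_equals($expected, $parts[1]); // constant-time comparison
}

// Constructed walk-through of the four cases a submit handler has to tell apart.
$t0 = 1214000000;
$token = issue_preview_token(42, "Nice post!", $t0);
var_dump(verify_preview_token(42, "Nice post!", $token, $t0 + 30));   // previewed text, fresh token
var_dump(verify_preview_token(42, "Buy pills", $token, $t0 + 30));    // text changed after preview
var_dump(verify_preview_token(42, "Nice post!", '', $t0 + 30));       // direct POST with no preview
var_dump(verify_preview_token(42, "Nice post!", $token, $t0 + 3600)); // token older than the TTL
```

A stateless token like this can be replayed for the same text until it expires, so a site that needs one-time use would also record spent tokens server-side.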

You may find the download link below. As always, please feel free to share any comments, questions, and suggestions! Read on…


List Poisoning Email Harvesters

Thaya Kareeson
Popularity: 14%
Updated: Jun 27, 2008


You may not know it, but your site is probably being regularly harvested for email addresses. In this post I will show you how to easily help fight email spam using a Lojack technique called List Poisoning (see previous post for more Lojack anti-spam philosophy). Though this is not a new technique, it is definitely worth spreading the word and implementing.

The goal here is to pollute the harvester’s email list with fake email addresses and fake recursive links. In doing so, the harvester will waste time and resources harvesting and spamming fake addresses (see this in action).

In the demo below, you will notice that the first three links are recursive links that will just redirect to the same index.php. The next set of links will be fake email addresses generated for harvesters.
Read on…