Spam Sandwich

“It seems that no matter what new online communication tools we come up with, there are going to be those who want to abuse them.”

The Blog Coach

Comment Spam and how to avoid it | Blog Coach – Blogging Consultant

Posted using ShareThis

My last post about email spams was more for working than WordPress-ing. This time let me go back to the latter, albeit on the same subject, but focused on WordPress.com blogs.

You know of course I am referring to comment spams.

When you log in to your Dashboard, you are greeted with a note like:

Akismet has protected your site from xxx spam comments already, and there are xx comments in your spam queue right now.

In my calculation, more than 70 per-cent of comments posted to date on this blog are spams in the six weeks it has been online.

Big deal? No, not really. Akismet is a friend to WP bloggers. Well, at least to some.

So what is this Akismet?

It is a plugin or software that deletes or “kills spam” in comments and trackbacks. It is an “Automattic production” and native to WordPress.

As of this writing, 3:30pm AEST 27 Oct, Akismet reported that it had caught more than 13 billion spams since it started more than 3 years ago, and that 83 per-cent of all comments are spam, a fair estimate considering that for emails about 88 per-cent are spam according to reports.

Here’s a screenshot of an Akismet stats page (time-stamping is mine to jog my memory):

In its early years, I gather that Akismet had received a lot of complaints from WP users. Quite understandable, I think. The plugin was new, and it is the type of plugin that can only be perfected through actual practice. Akismet has to update its database and lexicon of words and phrases of words used in spamming.

The plugin also needed to learn from patterns of comment spams and feedback from users.

After more than 3 years, we could only expect Akismet to be more effective and more learned than when it started.

That said, it does not mean that you should leave Akismet totally on its own.

From time to time, you need to check your blog’s spam queue. There may be comments from friends mistakenly considered as spams by Akismet.

For example, today when I checked my blog’s spam queue, I found one comment posted about a week ago by another WP blogger. I guess the reason why that comment was caught was that in the comment was URL of the page I was being invited to visit. I am not sure here, I am only guessing.

Anyway, the point I am driving home is that we should not leave everything to Akismet. We still have to do some work.

Two things we can do:

1. As mentioned above, check your blog’s spam queue. If there are any comments which should not be considered as spams, you simply approve the comments to remove them from the spam queue. Just like with emails, from time to time we need to check our Spam folders. Sometimes, spam filters get so over-zealous and over-protective that even legit messages are being erroneously classified as spams.

2. Check your blog’s settings. On a WP blog’s Settings | Discussion page, there are two options you could configure to “teach” how Akismet should behave. These are the “Comment Moderation” and “Comment Blacklist” options. Why not put them to good use and fine-tune Akismet?

I hope this post helps. Here’s to a spam-free blogging.

A lot of people who have my personal e-mail has e-mailed me asking me why were the comments closed. Well do you really want to know why? Of course you do. Well…this is why:

This clown also known as “kin6x” better known as “U Wish U Knew Me” thought it was okay to flood my blog with his stupid comments. Then try to flood my blog with more of his stupid ass comments again the second time around. He’s on standby, lurking my blog to see when and if I allow people to comment again just so he can flood my blog. Get this though, I have no idea what his motive is. The guy comes out of thin air with no relevancy to why he’s being a jackass on my blog. He’s a so called a rapper and this was his little rap about me:

-yea you pussy faggots wanna test me
-i only need lyrics, when you need a vest and a 9 piece
-im da one from the south and dats foreal g
-Im slappin and clappin on da admins especially lee
-You fuck dogs, dats why you claim im ugly
-When i got girls stacked up high like mountain peaks
-Yea, but now this is the end of my rap
-I can see now that lee and tha fagmins are feelin trapped.. ohhhhhh

So I laugh and laugh and laugh. Piss him off to unconsciousness and he proceeds to say this to me:

By the way.. keep deleting my comments lol. I have all of them saved now. So when I have time off during the day you can bet your ass ill be on here givin yall hell AND ill repost all the others lol. Im gonna love this.

I warned you

Yea, you guessed it, he actually thought or still think that posting comments repetitively will get next to me. When he fail to realize after countless times in telling this idiot that he’s been labeled as spam so most if not all his comments goes to the spam folder. Sometimes though Askimet can be gay and allow his comments get through. Nonetheless he’s still a fucking idiot:

Have fun editing or deleting all those comments lol. My challenge still stands u no talent pussies. Diss me if you dare and get FUCKED UP!

He began making threats and while doing so he was probably drooling at the mouth. I hope he loved the fact that his plans were foiled and I have no means in opening my comments no time soon. I’m not going to comment about the way he looks, I’ll just leave that to my admins when they see this. They’re the only ones that can comment…for now. Oh, if you want to know who this guy is [his screen name on here was "U Wish U Knew Me"] just go here to his Myspace. Maybe one of you will buy his music that costs .75 cents out of pity for the poor son of a bitch. I would but I’m not that noble.

Just in case Mr. Idiot just so happens to stumble upon this blog let me just say this to you:

I suggest you save that pocket lint up so you can make a coat because up here the weather is cold, and we as Northern folks don’t want you to get cold when you come up here to “fuck us up”. Boy sit your non-talented ass down. I have more going for me in my left toe-nail than you got going in your whole life. I’m so far more talented than you, that I probably got more views on my blog than you got listeners.

Everyone don’t have to rap to be talented and vise versa but in your case, you rap because getting a job is not in your jurisdiction because you fell prey to the get-rich-quick scheme, well listen you stupid piece of shit, you aren’t going any where with those 75 cent pieces of shit on your Myspace page. You’ll continue to be ass-hurt about who knows what and I’ll continue to be better than you.

I have yet to figure out what provoked you to come on my blog with this coonery. But it ends here and now, so go ahead and try and flood my blog if ya want. You won’t get far. Have fun getting pissed because I foiled your plans. Oh but don’t let that stop you from mono-logging. Monologue all the fuck you want, only flaw is that the only one that will hear/read it is you. So go on your Myspace page and blog about it. Again, my site is better than your said rap career which I shouldn’t even call a career, that’s obviously an insult to real rappers and I’m not talking about your average Lil’ Wayne and Gucci Mane either.

How does it feel to know that you weren’t the one to get the last laugh?

Anyway, everyone with a bone to pick with me seem to pick this specific blog. Well, there’s a reason why I have a hate-mail page, send all your stupidity there or to my contact page when its available.

Ε.Ε.:Περισσότερη δράση κατά των spammers και την προστασία της ιδιωτικότητας στο διαδίκτυο – ADSLgr.com
Η Ευρωπαϊκή Επιτροπή επανέλαβε σήμερα την έκκλησή της στις χώρες της ΕΕ να εντείνουν τις προσπάθειές τους για την αντιμετώπιση των απειλών κατά της ιδιωτικής ζωής στο διαδίκτυο. Όπως διαπιστώνεται σε μελέτη που χρηματοδοτήθηκε από την Επιτροπή και που δημοσιεύεται σήμερα, παρόλο που τα τελευταία χρόνια διάφορες χώρες της ΕΕ έχουν λάβει ορισμένα μέτρα για την επιβολή της απαγόρευσης ανεπιθύμητων ηλε-μηνυμάτων στην Ευρώπη, συμπεριλαμβανομένων προστίμων για τους δημιουργούς τους, ο αριθμός των ενεργειών που διώκονται και των κυρώσεων που επιβάλλονται κατά των παραβατών διαφέρουν σημαντικά. Η μελέτη επιβεβαιώνει την ανάγκη για νομοθετικές βελτιώσεις που προτείνονται στο πλαίσιο της μεταρρύθμισης των κανόνων για τις κοινοτικές τηλεπικοινωνίες ( MEMO/09/219 ): σαφέστεροι και συνεπέστεροι κανόνες επιβολής και αποτρεπτικές κυρώσεις, βελτιωμένη διασυνοριακή συνεργασία, καθώς και επαρκείς πόροι για τις εθνικές αρχές που είναι επιφορτισμένες με την προστασία της ιδιωτικότητας των πολιτών στο διαδίκτυο (επιγραμμική ιδιωτικότητα)[next]

For other half-baked ideas, see my ideas tag.

I’m an obstinate log watcher. Watching web server logfiles in particular gives me a fascinating insight into how the bottom-feeders on the internet work, comment spammers, email harvesters, crap search engines and the like.

As a pretty random example, a single spammer (or more likely “illegal spam botnet”) just tried to fill in the comment form on one particular website I run 26 times in roughly 90 minutes. If you still have any myths about how sophisticated spammers are, read on.

Myth: spammers promote a particular website. Reality: spammers are still able to register huge numbers of random domains, and use very complex multi-step redirection.

Myth: spammers must operate from a limited set of IP addresses. Reality: spammers have access to virtually unlimited numbers of IP addresses.

Myth: each attack comes from a single IP address. Reality: attacks jump from IP addresses separated around the world, and those attacks are coordinated and look just like a single multi-step transaction, complete with correct cookies which must be passed between the hosts using a higher “back end” layer.

Myth: spambots don’t run Javascript, download images or solve captchas. Reality: …

The jury is still out on the last one. Certainly it’s not common, but a significant subset of comment spam does appear to come from real browsers, which run Javascript, download images and solve captchas. However I believe much or all of this must come from real people operating from sweatshops in countries with very low wages. That’s hard to tell just from looking at logfiles.

Each of the 26 completed transactions I saw involved multiple HTTP requests, and every single HTTP request came from a different IP address. But each completed transaction had a consistent cookie. In some cases the IP addresses were separated by half the earth, but HTTP requests followed each other in sub-second, indicating a sophisticated second level operation coordinating it all. Each request contained URLs for 4 websites, generated using random characters, and only some of these sites resolve.

So on to the half-baked idea.

Why don’t we have a proper, distributed reputation system for IP addresses?

A spammer can’t source an HTTP request from just any IP address, so they need to take over some grandma’s Windows PC, or someone’s web server, or persuade people to route some bogus AS. Every time an honest website owner (like me!) sees a bad IP, they register it.

Of course, spammers themselves will try to game the system, but they will do so from their own random IP addresses. We need to make sure that their “votes” count for less, and a reputation system should be able to decide this (eg. bad IP votes for bad IP? those votes count negatively).

If grandma tries to post a good comment, her IP may well cause that comment to be rejected. Good thing! She needs to clean up her (Windows) PC.

And what about ISPs who rotate IP addresses between good and bad customers? Those ISPs need to police their users and make sure they clean up their Windows PCs, or force the users on to better operating systems that don’t allow these exploits.

Note There are people classifying IPs now, eg. project honeypot and stop forum spam, but these guys don’t implement a reputation system and in some cases have nasty licensing terms which make the data that we provide for free into proprietary databases. No thanks.

While going through Spamhaus SBLs, I found this updated /23 under RIPE. It would seem that most times when Spamhaus is unsure of the exact ownership of a netblock or the downstream has a small number of IPs assigned to it, the volunteers will place it under the regional registry (RIR). I researched the IP range: 194.8.74.0/23 and found it listed under AS44557 DRAGONARA. Googling revealed this recent blog post. Tha nullroute. me author noticed in late July 2009 a lot of comment spam coming from this netblock.

Below in the Spamhaus SBL, I am referencing the netblock info and some of the nameserver information that Spamhaus discovered within the IP ranges.

Spamhaus SBL76200

Ref: SBL76200

194.8.74.0/23 is listed on the Spamhaus Block List (SBL)

02-Sep-2009 12:26 GMT | SR04

Spamming and now seems this place is involved in other fraud

inetnum: 194.8.74.0 – 194.8.75.255
netname: DRAGONARA-NET
descr: Dragonara Alliance Ltd
country: GB
org: ORG-DRAG1-RIPE
admin-c: AGAV2-RIPE
tech-c: AGAV2-RIPE
status: ASSIGNED PI
mnt-by: RIPE-NCC-HM-PI-MNT
mnt-by: DRAGONARA-MNT
mnt-lower: RIPE-NCC-HM-PI-MNT
mnt-routes: DRAGONARA-MNT
mnt-domains: DRAGONARA-MNT
source: RIPE # Filtered

organisation: ORG-DRAG1-RIPE
org-name: Dragonara Alliance Ltd
org-type: OTHER
address: Geneva Place, Waterfront Drive,
P. O. Box 3469, Road Town, Tortola,
British Virgin Islands
mnt-ref: DRAGONARA-MNT
mnt-by: DRAGONARA-MNT
source: RIPE # Filtered

person: Andrey Gavrilog
address: Geneva Place, Waterfront Drive,
P. O. Box 3469, Road Town, Tortola,
British Virgin Islands
mnt-by: DRAGONARA-MNT
abuse-mailbox: abuse@dragonara.net
phone: +41 435.001.009
nic-hdl: AGAV2-RIPE
source: RIPE # Filtered

% Information related to ‘194.8.74.0/23AS44557′

route: 194.8.74.0/23
descr: Dragonara Alliance
origin: AS44557
mnt-by: DRAGONARA-MNT
source: RIPE # Filtered

[...]

194.8.75.115
194.8.74.30

NS1.CCTHETUNECOOKIE.COM
NS1.CCTHETUNETOWN.COM
NS1.CCWEIGHTFEELCONCERT.COM
NS1.CCTHESPEEDDATE.COM
NS1.CCTHETHOUGHTSITE.COM
NS1.CCTHOUGHTSITE.COM
NS1.CCTOPMUSICCENTRAL.COM
NS1.NSMELEONDOMEN.COM
NS1.CCBESTBABYMUSIC.COM
NS1.CCBESTJAZZMUSIC.COM
NS1.CCSUPERGUITARCHORDS.COM
NS1.CCTHETHOUGHTDOMAIN.COM
NS1.CCBESTGUITARDIRECT.COM
NS1.CCNEWTUNESITE.COM
NS1.CCONLINESPEEDDIRECT.COM
NS1.CCONLINESPEEDPAY.COM
NS1.CCNEWMUSICSPIN.COM
NS1.CCABSTRACTDOMAINNAME.COM
NS1.CCSUPERSPEEDTEST.COM
NS1.CCTOPDRAWMUSIC.COM
NS1.CCYOUNGTUNE.COM
NS1.CCYOURCONCEPTSITE.COM
NS1.CCYOURGUITARCHORD.COM
NS1.CCBESTBETMUSIC.COM
NS1.CCTOPINTERNETMUSIC.COM
NS1.CCYOURGUITARTAB.COM
NS1.CCYOURSEEM.COM
NS1.CCYOURSPEEDUNDER.COM
NS1.CCYOURSPEEDWAI.COM
NS1.CCYOURTUNECITY.COM
NS1.CCNEWMUSICKOREA.COM
NS1.CCNEWMUSICLINE.COM
NS1.CCNEWMUSICSTREAM.COM
NS1.CCNEWTUNEWORLD.COM
NS1.CCONLINEHOMERATE.COM
NS1.CCONLINERATESOURCE.COM
NS1.CCONLINESPEEDSITE.COM
NS1.CCONLINESPEEDWORLD.COM
NS1.CCPHOTOLOOKGIG.COM
NS1.CCLATESTTUNE.COM
NS1.CCLOOKANDSHOW.COM
NS1.CCWEBSPEEDNOW.COM
NS1.CCTHEGUITARMUSIC.COM
NS1.CCTOPMOBILEMUSIC.COM
NS1.CCWEBSPEEDO.COM
NS1.CCBESTGUITARTABLATURE.COM
NS1.CCAVAILABLESPEED.COM
NS1.CCATWEBSPEED.COM
NS1.CCBESTCONCERTTOUR.COM
NS1.CCBESTGUITARWORLD.COM

NS2.CCBESTGUITARDIRECT.COM
NS2.CCBESTGUITARWORLD.COM
NS2.CCTHETHOUGHTSITE.COM
NS2.CCPHOTOLOOKGIG.COM
NS2.CCTOPDRAWMUSIC.COM
NS2.CCYOURSPEEDUNDER.COM
NS2.CCNEWTUNEWORLD.COM
NS2.CCONLINERATESOURCE.COM
NS2.CCONLINESPEEDPAY.COM
NS2.CCONLINESPEEDSITE.COM
NS2.CCBESTBABYMUSIC.COM
NS2.CCAVAILABLESPEED.COM
NS2.CCBESTCONCERTTOUR.COM
NS2.CCTHESPEEDDATE.COM
NS2.CCSUPERSPEEDTEST.COM
NS2.CCTHEGUITARMUSIC.COM
NS2.CCLATESTTUNE.COM
NS2.CCTHETUNECOOKIE.COM
NS2.CCTHETUNETOWN.COM
NS2.CCTHOUGHTSITE.COM
NS2.CCYOURGUITARTAB.COM
NS2.CCYOURTUNECITY.COM
NS2.CCBESTBETMUSIC.COM
NS2.CCBESTJAZZMUSIC.COM
NS2.CCWEBSPEEDNOW.COM
NS2.CCWEBSPEEDO.COM
NS2.CCYOURSEEM.COM
NS2.CCONLINEHOMERATE.COM
NS2.CCTOPMOBILEMUSIC.COM
NS2.CCYOURCONCEPTSITE.COM
NS2.CCNEWMUSICSTREAM.COM
NS2.CCNEWTUNESITE.COM
NS2.CCNEWMUSICKOREA.COM
NS2.CCONLINESPEEDWORLD.COM
NS2.CCTHETHOUGHTDOMAIN.COM
NS2.CCSUPERGUITARCHORDS.COM
NS2.CCYOUNGTUNE.COM
NS2.CCTOPINTERNETMUSIC.COM
NS2.CCYOURSPEEDWAI.COM
NS2.CCTOPMUSICCENTRAL.COM
NS2.CCWEIGHTFEELCONCERT.COM
NS2.CCYOURGUITARCHORD.COM
NS2.CCLOOKANDSHOW.COM
NS2.CCABSTRACTDOMAINNAME.COM
NS2.CCBESTGUITARTABLATURE.COM
NS2.CCATWEBSPEED.COM
NS2.CCONLINESPEEDDIRECT.COM
NS2.CCNEWMUSICLINE.COM
NS2.CCNEWMUSICSPIN.COM

[...]

According to the nullroute blog, the IP ranges of AS44557 are: 91.205.40.0/22 & 194.8.74.0/23

At the time of this post, Spamhaus is blocking 512 IPs under the /23. Also, this host (AS44557 / DRAGONARA ) appears to be unresponsive to abuse complaints. According to FixedOrbit, this host has 1534 IP addresses and its upstream is Cogent (AS174).

Over the past few days I’ve been doing bulk deletes of weird spam comments that take the form:

sKZFks  <a rel=”nofollow” href=”http://hjiolevcjnau.com/”>hjaulmycjnau</a>, [url=http://dpghbmkxjpqd.com/]dplobwoxjpqd[/url], [link=http://adslmramajek.com/]adslwevmajek[/link], <a rel=”nofollow” href=”http://rtqbvxfbimlt.com/”>http://rtqcqxfrkmlt.com/</a>

Does anyone know any reason why anyone would take the time to post this gibberish when it is only going to be deleted?

The format appears to be exactly the same in each case,  the only variation appears to be in the actual letters used (one can’t say “wording” because there are no words).

I’ve noticed that a lot of the recent comment spam here has been in Russian.  I don’t speak Russian, so it’s all Greek to me.  But I was curious what they were promoting, so I copied one comment and pasted it into Yahoo’s Babel Fish translation service, and it returned this:

To ??? simply!  Everyone, pancake, all knows, except me

For some context, this was a comment on the caption contest featuring weird robot costumes.  Although I’m not sure if that really adds context, but I’ll make it fit.  Let’s see…  Were they calling us “pancake”? Surely not.  That makes absolutely no sense.  The interpretation didn’t give us the full meaning, so we must apply some interpolation.   Given the context of the caption contest, perhaps they meant everyone knows what is going on in that picture, except them.   That is, even pancakes know what’s going on.  Man, it must be tough to be dumber than a stack of flapjacks.   I reckon that’s why they’re in the spam business…

FTL means For the lose just in case there are some major n00bs out there reading this. Anyway, recently since I’ve been well over the 200,000 view mark on this blog I’ve been getting spam around the clock. The moment I delete a batch, another batch is there. Its usually by the same person and all. Yea Askimet catches the spam but I don’t want to sit here and watch it build up. I get 2,000 to 3,000 worth of spam in under 5-10 minutes. That ‘Do not discard spam on old posts’ option does not work. Its been unchecked and I’m still getting the most spam on those blogs. I don’t want to close my comments completely or only have people who are registered to comment for the simple fact, I have a lot of friends who just pop in to say their two cents then leave. I don’t think they or others want to have to log in or make an account just to comment on my blogs.

Something got to give, I bet right as I’m typing this I will have close to a thousand spam comments by the time I’m finished. This is getting pretty annoying for me because once a upon a time, it wasn’t like this at all. I would get like 2 or 3 spam comments a month or every 2-3 weeks now its thousands of spam comments every few minutes. I have a peeve about spam and I’m very good at adjusting to things but this is unacceptable. I cannot adjust to constantly deleting spam. I’m forever grateful that I don’t have to go through every blog I’ve typed to delete them because Askimet didn’t catch them, I’m very happy that its doing its job and doing it very well. I may have my own domain on here but I don’t have the options of others who have a host with wordpress.org. They have a lot of plug-ins available to those who have hosted their blog. That leaves on the spammers to come and annoy us. Its kind of unfair but I can’t complain WordPress is a pretty hell a very good place to blog. Well minus the amount in decent blog themes.

While I’m on the subject of the minor flaws of WordPress. Why is that my blog time stamp/timezone is fine up til 8:00 P.M.? Why does it automatically go to the next day in the week? Well let me give you something of what it looks like…

Is there something wrong with this picture? Am I NOT doing something right here? A week starts on Sunday does it not? So why at 8:00 P.M. it changes from April 07, 2008 to April 08, 2008? This is getting very annoying for me and I wonder will it continue to be this way. Do I have to change the UTC or well tweak it to where it actually is the next day when it supposed to be or no? I don’t think I should because even that up there is wrong. I’m in Cleveland, Ohio that’s in the United States of course [I have frequent foreigners visiting my blogs] and that up there isn’t correct in a way. Its been tweaked for the Daylight savings time but when I first started this blog the time zone was automatically was wrong and the UTC-5 was actually right but when it was on that option it would be two days ahead or behind. I finally got it to work to where the day and time is right but it still changes the day at 8:00 P.M.. What the hell is wrong with it? Coordinated Universal Time my ass!

ALSO! What’s with when I make a blog at times at it will automatically save the Draft, it even says it saved it at the bottom in the right-hand corner but for some odd ass reason, when its done loading it is completely blank when I select ’save draft’? Like where did it go? Its like pressing ’save draft’ means ‘erase draft’ at times on here. I now have to take precautions now in copy and pasting every time before I press ’save draft’ now. I even have to copy & paste before I select ‘publish’ as well. I get it right the first time I’ll be damn I have to do it a second time because my draft didn’t save. Well that’s enough of this now, I think I covered all the fail with WordPress.

Welcome to the GP Web Market Jargon Buster! All these hectic SEO terms going over your head? Well look no further! The GP Webmarket Jargon Buster has been posted to provide you, the client, with the necessary info regarding many of these terms you may have read about.

adwords Google Pay Per Click contextual advertisement program, very common way of basic website advertisement

algorithm (algo) A program used by search engines to determine what pages to suggest for a given search query.

alt text A description of a graphic, which usually isn’t displayed to the end user, unless the graphic is undeliverable, or a browser is used that doesn’t display graphics. Alt text is important because search engines can’t tell one picture from another. Alt text is the one place where it is acceptable for the spider to get different content than the human user, but only because the alt text is accessible to the user, and when properly used is an accurate description of the associated picture. Special web browsers for visually challenged people rely on the alt text to make the content of graphics accessible to the users.

analytics A program which assists in gathering and analyzing data about website usage. Google analytics is a feature rich, popular, free analytics program.

anchor text The user visible text of a link. Search engines use anchor text to indicate the relevancy of the referring site and of the link to the content on the landing page. Ideally all three will share some keywords in common.

astroturfing (the opposite of full disclosure) attempting to advance a commercial or political agenda while pretending to be an impartial grassroots participant in a social group. Participating in a user forum with the secret purpose of branding, customer recruitment, or public relations.

authority (trust, link juice, Google juice) The amount of trust that a site is credited with for a particular search query. Authority/trust is derived from related incoming links from other trusted sites.

B2B Business to Business.

B2C Business to Consumer

back link (inlink, incoming link) Any link into a page or site from any other page or site.

black hat Search engine optimization tactics that are counter to best practices such as the Google Webmaster Guidelines.

blog A website which presents content in a more or less chronological series. Content may or may not be time sensitive. Most blogs us a Content Management System such as WordPress rather than individually crafted WebPages. Because of this, the Blogger can chose to concentrate on content creation instead of arcane code.

bot (robot, spider, crawler) A program which performs a task more or less autonomously. Search engines use bots to find and add web pages to their search indexes. Spammers often use bots to “scrape” content for the purpose of plagiarizing it for exploitation by the Spammer.

bounce rate The percentage of users who enter a site and then leave it without viewing any other pages.

bread crumbs Web site navigation in a horizontal bar above the main content which helps the user to understand where they are on the site and how to get back to the root areas.

canonical issues (duplicate content) canon = legitimate or official version – It is often nearly impossible to avoid duplicate content, especially with CMSs like WordPress, but also due to the fact that www.site.com, site.com, and www.site.com/index.htm are supposedly seen as dupes by the SEs – although it’s a bit hard to believe they aren’t more sophisticated than that. However these issues can be dealt with effectively in several ways including – using the noindex meta tag in the non-canonical copies, and 301 server redirects to the canon.

click fraud Improper clicks on a PPC advertisement usually by the publisher or his minions for the purpose of undeserved profit. Click fraud is a huge issue for add agencies like Google, because it lowers advertiser confidence that they will get fair value for their add spend.

cloak The practice of delivering different content to the search engine spider than that seen by the human users. This Black Hat tactic is frowned upon by the search engines and caries a virtual death penalty of the site/domain being banned from the search engine results.

CMS Content Management System – Programs such as WordPress, which separate most of the mundane Webmaster tasks from content creation so that a publisher can be effective without acquiring or even understanding sophisticated coding skills if they so chose.

code swapping (bait and switch) Changing the content after high rankings are achieved.

comment spam Posting blog comments for the purpose of generating an inlink to another site. The reason many blogs use link condoms.

content (text, copy) The part of a web page that is intended to have value for and be of interest to the user. Advertising, navigation, branding and boilerplate are not usually considered to be content.

contextual advertisement Advertising which is related to the content.

conversion (goal) Achievement of a quantifiable goal on a website. Add clicks, sign ups, and sales are examples of conversions.

conversion rate Percentage of users who convert – see conversion.

CPC Cost Per Click – the rate that is paid per click for a Pay Per Click Advertiser

CPM (Cost Per Thousand impressions) A statistical metric used to quantify the average value / cost of Pay Per Click advertisements. M – from the Roman numeral for one thousand.

crawler (bot, spider) A program which moves through the worldwide web or a website by way of the link structure to gather data.

directory A site devoted to directory pages. The Yahoo directory is an example.

directory page A page of links to related WebPages.

doorway (gateway) A web page that is designed to attract traffic from a search engine and then redirect it to another site or page. A doorway page is not exactly the same as cloaking but the effect is the same in that users and search engines are served different content.

duplicate content Obviously content which is similar or identical to that found on another website or page. A site may not be penalized for serving duplicate content but it will receive little if any Trust from the search engines compared to the content that the SE considers being the original.

e commerce site A website devoted to retail sales.

feed Content which is delivered to the user via special websites or programs such as news aggregators.

FFA (Free For All, link farm) A page or site with many outgoing links to unrelated websites, containing little if any unique content. Link farms are only intended for spiders, and have little if any value to human users, and thus are ignored or penalized by the search engines.

frames a web page design where two or more documents appear on the same screen, each within it’s own frame. Frames are bad for SEO because spiders sometimes fail to correctly navigate them. Additionally, most users dislike frames because it is almost like having two tiny monitors neither of which shows a full page of information at one time.

gateway page (doorway page) A web page that is designed to attract traffic from a search engine and then redirect it to another site or page. A doorway page is not exactly the same as cloaking but the effect is the same in that users and search engines are served different content.

gizmo small applications used on web pages to provide specific functions such as a hit counter or IP address display. Gizmos can make good link bait.

Google bomb The combined effort of multiple webmasters to change the Google search results usually for humorous effect. The “miserable failure” – George Bush, and “greatest living American” – Steven Colbert Google bombs are famous examples.

Google bowling Maliciously trying to lower a sites rank by sending it links from the “bad neighborhood” – Kind of like yelling “Good luck with that infection!” to your buddy as you get off the school bus – there is some controversy as to if this works or is just an SEO urban myth.

Google dance The change in SERPs caused by an update of the Google database or algorithm. The cause of great angst and consternation for webmasters who slip in the SERPs. Or, the period of time during a Google index update when different data centers have different data.

Google juice (trust, authority, pagerank) trust / authority from Google, which flows through outgoing links to other pages.

Googlebot Google’s spider program

hit Once the standard by which web traffic was often judged, but now a largely meaningless term replaced by pageviews AKA impressions. A hit happens each time that a server sends an object – documents, graphics, include files, etc. Thus one pageview could generate many hits.

hub (expert page) a trusted page with high quality content that links out to related pages.

HTML (Hyper Text Markup Language) directives or “markup” which are used to add formatting and web functionality to plain text for use on the internet. HTML is the mother tongue of the search engines, and should generally be strictly and exclusively adhered to on web pages.

impression (page view) The event where a user views a webpage one time.

in bound link (inlink, incoming link) Inbound links from related pages are the source of trust and pagerank.

index Noun – a database of WebPages and their content used by the search engines.

index Verb – to add a web page to a search engine index.

indexed Pages The pages on a site which have been indexed.

inlink (incoming link, inbound link) Inbound links from related pages are the source of trust and pagerank.

keyword – key phrase The word or phrase that a user enters into a search engine.

keyword cannibalization The excessive reuse of the same keyword on too many web pages within the same site. This practice makes it difficult for the users and the search engines to determine which page is most relevant for the keyword.

keyword density The percentage of words on a web page which are a particular keyword. If this value is unnaturally high the page may be penalized.

keyword research The hard work of determining which keywords are appropriate for targeting.

keyword spam (keyword stuffing) Inappropriately high keyword density.

keyword stuffing (keyword spam) Inappropriately high keyword density.

landing page the page that a user lands on when they click on a link in a SERP

latent semantic indexing (LSI) This mouthful just means that the search engines index commonly associated groups of words in a document. SEOs refer to these same groups of words as “Long Tail Searches”. The majority of searches consist of three or more words strung together. See also “long tail”. The significance is that it might be almost impossible to rank well for “mortgage”, but fairly easy to rank for “second mortgage to finance monster truck team”. Go figure.

link An element on a web page that can be clicked on to cause the browser to jump to another page or another part of the current page.

link bait A webpage with the designed purpose of attracting incoming links, often mostly via social media.

link building actively cultivating incoming links to a site.

link condom Any of several methods used to avoid passing link love to another page, or to avoid possible detrimental results of indorsing a bad site by way of an outgoing link, or to discourage link spam in user generated content.

link farm (free for all, link exchange) a site devoted to directory pages. Link farms allow links to sites of low or no quality, and add no value themselves. Quality directories are usually human edited for quality assurance.

link juice (trust, authority, pagerank)

link love An outgoing link, which passes trust, unencumbered by any kind of link condom.

link partner (link exchange, reciprocal linking) Two sites which link to each other. Search engines usually don’t see these as high value links, because of the reciprocal nature.

link popularity a measure of the value of a site based upon the number and quality of sites that link to it

link spam (Comment Spam) Unwanted links such as those posted in user generated content like blog comments.

link text (Anchor text) The user visible text of a link. Search engines use anchor text to indicate the relevancy of the referring site and link to the content on the landing page. Ideally all three will share some keywords in common.

long tail longer more specific search queries that are often less targeted than shorter broad queries. For example a search for “widgets” might be very broad while “red widgets with reverse threads” would be a long tail search. A large percentage of all searches are long tail searches/

LSI(Latent Semantic Indexing) This mouthful just means that the search engines index commonly associated groups of words in a document. SEOs refer to these same groups of words as “Long Tail”. The majority of searches consist of three or more words strung together. See also “long tail”. The significance is that it might be almost impossible to rank well for “mortgage”, but fairly easy to rank for “second mortgage to finance monster truck team”

mashup A web page which consists primarily of single purpose software and other small programs (gizmos and gadgets) or possibly links to such programs. Mashups are quick and easy content to produce and are often popular with users, and can make good link bait. Tool collection pages are sometimes mashups.

META tags Statements within the HEAD section of an HTML page which furnishes information about the page. META information may be in the SERPs but is not visible on the page. It is very important to have unique and accurate META title and description tags, because they may be the information that the search engines rely upon the most to determine what the page is about. Also, they are the first impression that users get about your page within the SERPs.

metric A standard of measurement used by analytics programs.

MFA Made For Advertisements – websites that are designed from the ground up as a venue for advertisements. This is usually, but not always a bad thing. TV programming is usually MFA.

mirror site An identical site at a different address.

monetize To extract income from a site. Adsense ads are an easy way to Monetize a website.

natural search results The search engine results which are not sponsored, or paid for in any way.

nofollow A command found in either the HEAD section of a web page or within individual link code, which instructs robots to not follow either any links on the page or the specific link. A form of link condom.

noindex A command found in either the HEAD section of a web page or within individual link code, which instructs robots to not index the page or the specific link. A form of link condom.

non reciprocal link if site A links to site B, but site B does not link back to site A, then the link is considered non reciprocal. Search engines tend to give more value to non-reciprocal links than to reciprocal ones because they are less likely to be the result of collusion between sites.

organic link organic links are those that are published only because the webmaster considers them to add value for users.

outlink (Out going link)

pagerank (PR) a value between 0 and 10 assigned by the Google algorithm, which quantifies link popularity and trust among other (proprietary) factors.

pay for inclusion PFI The practice of charging a fee to include a website in a search engine or directory. While quite common, usually what is technically paid for is more rapid consideration to avoid Googles prohibition on paid links.

portal A web service which offers a wide array of features to entice users to make the portal their “home page” on the web. IGoogle, Yahoo, and MSN are portals.

PPA (Pay Per Action ) Very similar to Pay Per Click except publishers only get paid when click throughs result in conversions.

PPC (Pay Per Click) a contextual advertisement scheme where advertisers pay add agencies (such as Google) whenever a user clicks on their add. Adwords is an example of PPC advertising.

proprietary method (bullshit, snake oil) sales term often used by SEO service providers to imply that they can do something unique to achieve “Top Ten Rankings”.

reciprocal link (link exchange, link partner) Two sites which link to each other. Search engines usually don’t see these as high value links, because of the reciprocal and potentially incestuous nature.

redirect Any of several methods used to change the address of a landing page such as when a site is moved to a new domain, or in the case of a doorway.

regional long tail (RLT) a multi word keyword term which contains a city or region name. Especially useful for the service industry.

RLT see Regional Long Tail

robots.txt a file in the root directory of a website use to restrict and control the behavior of search engine spiders.

ROI (Return On Investment) One use of analytics software is to analyze and quantify return on investment, and thus cost / benefit of different schemes.

sandbox There has been debate and speculation that Google puts all new sites into a “sandbox,” preventing them from ranking well for anything until a set period of time has passed. The existence or exact behavior of the sandbox is not universally accepted among SEOs.

SE (Search Engine)

search engine (SE) a program, which searches a document or group of documents for relevant matches of a users keyword phrase and returns a list of the most relevant matches. Internet search engines such as Google and Yahoo search the entire internet for relevant matches.

search engine spam Pages created to cause search engines to deliver inappropriate or less relevant results. Search Engine Optimizers are sometimes unfairly perceived as search engine Spammers. Of course in some cases they actually are.

SEM Short for search engine marketing, SEM is often used to describe acts associated with researching, submitting and positioning a Web site within search engines to achieve maximum exposure of your Web site. SEM includes things such as search engine optimization, paid listings and other search-engine related services and functions that will increase exposure and traffic to your Web site.

SEO Short for search engine optimization, the process of increasing the number of visitors to a Web site by achieving high rank in the search results of a search engine. The higher a Web site ranks in the results of a search, the greater the chance that users will visit the site. It is common practice for Internet users to not click past the first few pages of search results, therefore high rank in SERPs is essential for obtaining traffic for a site. SEO helps to ensure that a site is accessible to a search engine and improves the chances that the site will be indexed and favorably ranked by the search engine.

SERP Search Engine Results Page

site map A page or structured group of pages which link to every user accessible page on a website, and hopefully improves site usability by clarifying the data structure of the site for the users. An XML sitemap is often kept in the root directory of a site just to help search engine spiders to find all of the site pages.

SMWC (Slapping Myself With Celery) indicates an extreme reaction similar to a “spit take” but more vegan-trendy. Often combined with other exclamatory acronyms. – WTF/SMWC, or perhaps ROTFL/SMWC.

SMM (Social Media Marketing) Website or brand promotion through social media

SMP (Social Media Poisoning) A term coined by Rand Fishkin – any of several (possibly illegal) black hat techniques designed to implicate a competitor as a spammer – For example, blog comment spamming in the name / brand of a competitor

social bookmark A form of Social Media where users bookmarks are aggregated for public access.

social media Various online technologies used by people to share information and perspectives. Blogs, wikis, forums, social bookmarking, user reviews and rating sites (digg, reddit) are all examples of Social Media.

social media marketing (SMM) Website or brand promotion through social media

social media poisoning (SMP) A term coined by Rand Fishkin – any of several (possibly illegal) black hat techniques designed to implicate a competitor as a spammer – For example blog comment spamming in the name / brand of a competitor

spam ad page (SpamAd page) A Made For Advertisement page which uses scraped or machine generated text for content, and has no real value to users other than the slight value of the adds. Spammers sometimes create sites with hundreds of these pages.

spamdexing Spamdexing or search engine spamming is the practice of deceptively modifying web pages to increase the chance of them being placed close to the beginning of search engine results, or to influence the category to which the page is assigned in a dishonest manner. – Wikipedia

spammer A person who uses spam to pursue a goal.

spider (bot, crawler) A specialized bot used by search engines to find and add web pages to their indexes.

spider trap an endless loop of automatically generated links which can “trap” a spider program. Sometimes intentionally used to prevent automated scraping or e-mail address harvesting.

splash page Often animated, graphics pages without significant textual content. Splash pages are intended to look flashy to humans, but may look like dead ends to search engine spiders, which can only navigate through text links. Splash pages are bad for SEO and usually a pain in the ass for users.

static page A web page without dynamic content or variables such as session IDs in the URL. Static pages are good for SEO work in that they are friendly to search engine spiders.

stickiness Mitigation of bounce rate. Website changes that entice users to stay on the site longer, and view more pages improve the sites “stickiness”.

supplemental index (supplemental results) Pages with very low trust, which are still relevant to a search query, often appear in the SERPs with a label of Supplemental Result. Googles representative’s say that this is not indicative of a penalty, only low trust.

text link A plain HTML link that does not involve graphic or special code such as flash or java script.

time on page The amount of time that a user spends on one page before clicking off. An indication of quality and relevance.

URL Uniform Resource Locator – AKA Web Address

user generated content (UGC) Social Media, wikis, Folksonomies, and some blogs rely heavily on User Generated Content. One could say that Google is exploiting the entire web as UGC for an advertising venue.

walled garden a group of pages which link to each other, but are not linked to by any other pages. A walled garden can still be indexed if it is included in a sitemap, but it will probably have very low pagerank.

web 2.0 Is characterized by websites which encourage user interaction.

white hat SEO techniques, which conform to best practice guidelines, and do not attempt to

I’ve noticed an increased tendency lately for people to place links to other blogs within their blog posts on a temporary basis. The link only remains for a few minutes but it’s enough to trigger a pingback request in the other blog. I presume they hope that the other blog either automatically accepts pingbacks or that the owner of the blog won’t check the origin of the pingback.

Got a pingback request from someone earlier today who is clearly employing those tactics. Lord knows how long a link to this blog actually existed but it is long gone now – their post was from January 9 but they’ve obviously been updating it regularly to change the links within it as both of the current links are from a week or more after the post was published; one of them is from today. I’m used to seeing that kind of behaviour from spam blogs — you know, those blogs that contain no content of their own but just scrape other blogs for content — but this is the first time I’ve seen it coming from someone who appears to have legitimate blog. Employing that kind of tactic just makes it look as if your blog is junk. After all, if you have to trick people into visiting you, how worthwhile is your content?

I know that this kind of thing has been going on for a few years, but this is my first experience with it coming from a real person. Shame. It might have been a blog I’d have linked to had the pingback been legitimate.

I’m pretty sure this is a spam comment: If a approve it, google will index that website because my blog will link to it.
The problem is that a lot of websites have this comment.
Check it out: Google: Thanks for ….

Credits to http://tell.fll.purdue.edu

I have no idea how Akismet detects comments in WordPress as spam but I realized today that it is safer to occasionally  check the spam queue for legitimate comments. Better to spend a few minutes manually checking the spam queue rather than risking to ignore some sensible thoughts shared by your readers.

My apologies to francis orais, pinoyapache, and ariesmangulabnan for overlooking your previous comments as they have been marked as spam.

I also have 4 pingbacks marked as spam but I have no idea how to verify the authenticity. What are pingbacks and how do they work anyway?

Last weekend’s Podcamp Michigan was the first real experience I had giving a presentation about social media at an event like that, so I am very grateful to Mark Ijlal for the invitation and all the work he put into organizing Michigan’s first-ever Podcamp.

In my last post I gave a brief overview of my presentation and shared my slide deck, but some of the questions that came after my presentation were very interesting and not quite what I had anticipated.

The first question from someone in attendance was whether I thought it was a good practice to include an extra link at the bottom of a comment that leads back to the commenter’s site/blog/whatever.

My answer is no, and although I think I made it clear that I definitely don’t think this is a good practice, what I didn’t do so well is explain why I don’t think it’s a good practice. Thanks to Ken Burbary for helping to clarify this in our offline discussion.

Leaving comments on other peoples’ blogs should not simply be a way to get clicks to your site.

Other people do not write blog posts to give you a free spot to place an advertisement. Most write them to generate and/or participate in discussions – at least I do. Sometimes they have the added side benefit of arousing interest from the blogger and/or other readers, but that should never be a primary motivator for leaving a comment here or anywhere else.

I believe commenting is a great way to build relationships online. However, I want to be very clear that I mean frequent, repeated commenting as in regular participation on a variety of blogs. This is not a one shot deal to see how many clicks you can get by throwing in your two cents. If it is, you’re short-changing yourself.

Relationships take time to build and they are NOT measured in clicks. I may not always respond to comments here, but I often link back to people who comment here and I make an effort to comment on their posts. The simple fact that they participate with me here is a gentle reminder for me to check back into their work.

I also make it a point to post links on Twitter, FriendFeed and other social networks like Facebook and StumbleUpon to promote other peoples’ work. A new favorite place to post links is BusinessWeek’s Business Exchange. Mixx also seems to have a very active community as well.

I hope my participation and promotion of your content means more than a few extra clicks that you might get if you spam my blog with your advertisement-disguised-as-a-comment comment.

That said, I know there are a lot of new people trying their best to engage and I really do give everyone the benefit of the doubt (as do most people), but please know that there is a better way; it just takes time. Don’t ask me to click on your junk the first time we meet.

So, am I wrong? Is there ever a time when it’s okay to post your link at the bottom of a comment? When is this sort of thing appropriate? If not, how can we help people see that promoting others is the best way to promote ourselves?

Photo Credit: The Eggplant

Image by Getty Images

via Daylife

Care to know how much spam you missed? Not really.

But it is an educating exercise nevertheless. And if you happen to have a hosted wordpress blog, then Akismet, the spam filter, can be of use as  Akismet now comes loaded with stats.

Since I happen to own one (hosted wordpress blog), I had a good look at it.

Confusing!

The canned meat in the picture above is ham. But ‘ham’ according to Akismet is a comment that is the opposite of spam. A proper one.

This leads to a ham to spam ratio calculation.

Still there?

If ham were spam none would starve (commentwise, I mean). See this yummy pie from my Greek blog stats and you will understand.

Jokes aside, Akismet does a pretty good job. Yet, for me, it is not the overall stats that are of interest.

The new Akismet offers an insight into two other more important metrics:

• Missed Spam, the spam that made its way to a post.
• False Positive, the real comments that were mistaken for spam.

Of the two, I value more the second, because it reveals a real problem: I am sure you have experienced the small frustration of leaving a comment and seeing it disappear. This can drive a new visitor away for good. That’s why I would like these stats to include the actual comment links. An examination of a relatively large number, might reveal a pattern as to why this happens, a pattern that can be reported back to the Akismet team.

I only hope the team is listening

La importancia de los blogs ha llegado hasta tal punto que muchas empresas hacen las mil y una para transmitir algún tipo de mensaje en los blogs que les interesan. Se puede hacer de muchas maneras, como a través del blogvertising. Pero la forma más fácil de pasar desapercibido es a través de los comentarios.

Por boca de distintas personas y también en muchos blogs, he oído y leído muchas veces que se llevaban a cabo estas prácticas. Aunque mi lado publicitario más creyente se resistía a creerlo. Sin embargo, navegando hoy por Internet he descubierto un ejemplo que muestra de forma bastante clara lo que estoy contando.

En BPhul’s Blog su autor habla de un comentario a un post que él había escrito. El comentario hablaba de lo bien que le habían atendido en Dell. Hasta aquí todo correcto. Lástima que al mirar la IP del comentarista viera que provenía de los proxies de Dell.

Aquí os dejo el comentario completo.

¡Sed buenos…!