Filed in blogs, meta, software
Comment Spam ... Euch
neuro · 8 Comments

I’m getting bombarded with comment spam on this blog, even after installing MT-Blacklist. Something I’ve noticed after a spot of log analysis is that the kosher comments come from the HTML form generated by Movable Type at the end of each post, and are submitted by POST method (i.e. in the HTTP headers); the spammers use the GET submission method (i.e. in the URL query string). Am I missing something here? Make MT reject the form fields by GET and accept them by POST only?

I’m going to upgrade to the latest version, have a twiddle with mt-comments.cgi and report back …

  1. Do any legitimate viewers actually submit the form using GET? I would have thought that practically everyone uses the comments form as it is on the page, so I can’t see you losing any proper comments by disabling GET.

    I think you can throw something like this into a .htaccess file (in the same directory as mt-comments.cgi) to stop it:

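    # FilesMatch takes a regular expression; put the script to protect here
    # (mt-comments.cgi in this case).
    <FilesMatch "whois.php">
        # Refuse every request method except POST
        <LimitExcept POST>
            Deny from all
        </LimitExcept>
    </FilesMatch>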

    Unfortunately, this will apply recursively down the directory structure as well, so you’ll have to override it if you want to have a mt-comments.cgi without this restriction further down the tree (unlikely, but you can bet someone will want to).

    I’m not an Apache expert by any stretch of the imagination, but the above code works for me. Your mileage may vary. 🙂

  2. Argh, I just realised … mt 2.661 uses mt-comments in GET mode to redirect URLs to decrease Page Rankage … 😛

  3. Ah, well in that case you will need to hack mt-comments.cgi to only work with POST rather than both then.

  4. Some more weird spam yesterday coming from an Italian IP address and trying to get Google juice for a domain that doesn’t even exist yet … Comment spam confuses me more by the day 🙂

  5. Well, it’s out, I upgraded to it, and I just deleted about 50 comment spams left on my blog across various posts from various IP addresses. Thankfully, because I now screen comments, I just deleted them all and they never once appeared on my blog. But how much of a hassle is comment spam still? Blah.
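The GET-versus-POST split noticed in the logs, and the GET redirect raised in comment 2, can be checked before blocking anything. This is an added example, not code from the post or from Movable Type. It assumes Apache common/combined log format, and the form field names and the `__mode=red` redirect parameter are assumptions to adjust to your install; the log lines are constructed.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Assumed names (not from the post): comment form fields and redirect mode.
COMMENT_FIELDS = {"author", "email", "url", "text"}
REDIRECT_MODE = "red"
SCRIPT = "mt-comments.cgi"

# host ident user [time] "METHOD target PROTO" status ...
LINE_RE = re.compile(
    r'^(?P<host>\S+) \S+ \S+ \[[^\]]+\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3})'
)

def classify(line):
    """Return (host, verdict) for a request to SCRIPT, or None for other lines."""
    m = LINE_RE.match(line)
    if not m:
        return None
    parts = urlsplit(m["target"])
    if not parts.path.endswith("/" + SCRIPT):
        return None
    # Accept ';' as well as '&' as the query separator.
    query = parse_qs(parts.query.replace(";", "&"), keep_blank_values=True)
    if m["method"] == "POST":
        return m["host"], "form-post"
    if m["method"] == "GET" and COMMENT_FIELDS.intersection(query):
        return m["host"], "get-submission"  # comment fields in the URL
    if m["method"] == "GET" and query.get("__mode") == [REDIRECT_MODE]:
        return m["host"], "redirect"        # must keep working if GET is restricted
    return m["host"], "other"

def suspects(lines):
    """Count GET submissions per client address."""
    counts = {}
    for line in lines:
        result = classify(line)
        if result and result[1] == "get-submission":
            counts[result[0]] = counts.get(result[0], 0) + 1
    return counts

# Constructed sample log lines (documentation addresses, not real traffic).
SAMPLE = [
    '192.0.2.10 - - [01/Mar/2004:10:00:01 +0000] "POST /cgi-bin/mt/mt-comments.cgi HTTP/1.1" 302 -',
    '198.51.100.7 - - [01/Mar/2004:10:00:05 +0000] "GET /cgi-bin/mt/mt-comments.cgi?entry_id=12&author=x&text=buy HTTP/1.0" 200 512',
    '198.51.100.7 - - [01/Mar/2004:10:00:06 +0000] "GET /cgi-bin/mt/mt-comments.cgi?entry_id=13&author=x&text=buy HTTP/1.0" 200 512',
    '203.0.113.4 - - [01/Mar/2004:10:01:00 +0000] "GET /cgi-bin/mt/mt-comments.cgi?__mode=red&id=5 HTTP/1.1" 302 -',
    '203.0.113.4 - - [01/Mar/2004:10:01:02 +0000] "GET /index.html HTTP/1.1" 200 2048',
]
```

Running `suspects()` over a real access log shows how much traffic a POST-only rule would drop, and the `redirect` verdict shows which GET requests such a rule would break.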
