I just had an interesting spam attack on my site. It was identical spam contents posted to a bunch of my comment forms. I am using CFFormProtect (of course, I built it ;). The first couple of attempts got by Akismet, but my other spam detection methods still prevented the spams from posting (yay!). But what happened next shows where Akismet shines and proves that these methods are way better than Captcha. After Akismet had a chance to analayze a few of these spam posts, it started marking them as spam. The contents were exactly the same for every post, and Akismet was able to dynamically learn. However, when a spammer breaks past the Captcha on your site, he has a free pass to all of your forms.

You would think we developers would have learned our lesson after the Y2K debacle...but I guess not. We are now faced with a similar problem, but this time dealing with browser version numbers.

[More]

I have released CFFormProtect 2.0.2, which has one minor change that makes it compatible with other CFML versions/engines besides ColdFusion 8. If you are curious, I had used the ++ iterator, which only works in ColdFusion 8. I have tested (or others have tested) this new version in all of the below, and it works fine:
ColdFusion 6.x or better
BlueDragon 6.x or better
Railo 3.x
OpenBD 1.0

This article is bound to be controversial, but I beg you to keep an open mind as you read. I have put a lot of research into this, it is not your standard knee jerk "OOP Sucks" article. In fact, you will find in the end that I will recommend still learning Object Oriented Programming (OOP), if you haven't already.

[More]

If you missed the news, CFFormProtect is now built into BlogCFC. So if you use BlogCFC, after you upgrade to version 5.9.2, you just have to add "usecfp" to our ini file and set it to true. Then all of your comment forms will be protected from the evil spammers. :)

Yes, that .1 at the end there means this is a bug fix release. I don't know how this slipped through my fingers, but CFFormProtect 2.0 had a major bug that made the whole thing disfunctional. So if you downloaded 2.0, please get 2.0.1 from the project site. Sorry for any inconvenience this may have caused.

I have finally pushed version 2.0 out the door. This new version has a lot of bug fixes, and I added support for the Project Honey Pot service. I Have been running this new version on my blog for a week now with no problems, but if you run into any issue please let me know.

If you want to uprade from a previous version, it's pretty trivial (as long as you are using the CFC version, not the .cfm version). For my blog, I just had to drop the new CFC in and change the paths (which is detailed in the directions).

For those that don't know, CFFormProtect is a multifaceted spam prevention component that you can drop into your sites/projects, configure it to suit your needs, and it will silently stop 99% of your spam. It doesn't use Captcha, or any other visible hinderances to your users, it all works in the background. Check out the project site for more details.

The CFUnited organizers are doing something a little different this year to pick the conference topics. Like normal, they had an open call for speakers time period (now expired). But this year they are letting the community pick the topics.

[More]

Ed Tabara posted a blog entry about a new spam prevention service for blogs that I hadn't heard of. It's called Defensio, and it's similar to Akismet, but it looks better in some ways. It works similar to Akismet, but it purports to learn from your blog's comments. So you would have different results than another blogger. Looks interesting. I'll probably have to integrate this as another option for CFFormProtect down the road. Oh, and Ed posted a CFC that uses the Defensio API.

I don't get as angry about Captcha as I used to, but on occasion someone asks me why I don't like it. I figured I'd post this list here so I can have something to reference, instead of having to brainstorm everytime I'm asked the question.

[More]