A Note on the Type: XQ9PQW

As many of you have noted recently, the “comment verification” system—”CAPTCHA”—employed by this site’s host, TypePad, became a good deal more aggressive over the winter. This has been especially frustrating to those of us who post comments frequently during game threads. We’d like you to know that we are aware of this problem, and we ask your patience as we weigh our options and work toward a solution. As a sign of our good faith, you’ll find posted below our most recent (and extremely aggravating) correspondence on this issue with the customer service department at TypePad. In the meantime, we hope you’ll bear with us and keep on commenting. One helpful hint: please refrain from using HTML tags in your comments; that’s a sure way to trip the system. Thanks.—The Editors

> On Apr 6, 2007 8:52:39 PM, we said:

the comment verificaction process is creating serious problems on our blog. the nature of our blog has it so that our regular commenters often comment repeatedly and over a short period of time (while watching baseball games). the verification is a tedious and slow interruption (it seems even slower than in the past, actually). is there some way we can turn this off, or scale it back?

thanks.

> On Apr 6, 2007 10:47:16 PM, TypePad Customer Support said:

TypePad has become a target of spammers, and we were required to up the aggressiveness of our blocking tools. As a result, you will be prompted to complete a CAPTCHA for comment verification more frequently.

What is the IP Address for your location? You can visit http://www.ipchicken.com/ to determine your IP Address. It’s possible that your IP is being blocked, and we can look up your address to determine if this is the case and unblock it.

Please let us know if you have any other questions.

Thanks,
Jen

> On Apr 7, 2007 8:55:09 AM, we said:

the problem isn’t the ipban, it’s the over-aggressive captcha system. i fail to see why typepad can’t provide an option to turn this off, or dial it back. we actually requested this months ago, and i’m sure we’re not the only ones who have raised the issue. it’s a serious problem for us; i hope that this is something that will be taken seriously at typepad; it is a specific threat to our business. we’re going to need to have it resolved.

> On Apr 7, 2007 2:55:35 PM, TypePad Customer Support said:

Thanks for the feedback regarding the CAPTCHA. At this time, there isn’t a way to disable or change the frequency of the CAPTCHA.

However, we are always looking for ways to enhance TypePad for our users, so we will keep your feedback in mind as a possible change for the system.

Please let us know if there is anything else we can do for you.

Thanks,
Zalary

> On Apr 7, 2007 3:11:19 PM, we said:

i’m sorry but i don’t find that response to be satisfactory. if there’s a way to introduce code to activate captcha, there’s a way to alter it or get around it. it’s a significant problem. there needs to be either an option to override the system or a patch we can add to our configurations to dodge the problem, and this is something that a programmer at typepad should be able to provide.

> On Apr 7, 2007 3:15:54 PM, we said:

I would also add that we raised this issue last july and received the same non-answer, so the “we’ll keep your feedback in mind” response rings hollow. we’ve been patient customers. now it’s time for a solution.

> On Apr 7, 2007 8:17:54 PM, TypePad Customer Support said:

As we have tried to explain, there is not a way to disable the CAPTCHA for an individual weblog at this time. Is this not an option that is available to us nor is this an option we can have a developer work on at this time. As we’ve mentioned, spammers have become more aggressive in their efforts and the CAPTCHA was introduced as a way to deter spammers. While spam may not be an issue for your particular weblog, an influx of spam can affect TypePad’s performance so this is a preventative measure on our part.

Instead, it may be best to look at why the CAPTCHA keeps appearing when commenting. Specific content in a comment can trigger the CAPTCHA. For example, if you include a link with HTML, this will trigger the CAPTCHA. Also, if user comments repeatedly in a period of time, this would trigger the CAPTCHA as well. If your IP address is part of a particular network, this could also be a reason and whitelisting the IP address may help. If you would like for us to do this for you, please let us know your IP address. You can find more on the CAPTCHA here:

http://support.typepad.com/cgi-bin/typepad.cfg/php/enduser/std_adp.php?p_faqid=176

I hope that helps. Please let us know if you have any other questions.

Thanks,
Carla

> On Apr 8, 2007 12:18:36 PM, we said:

carla:

i’m not quite understanding why it is “not an option” for a programmer to resolve the issue. that’s the point. this is a choice typepad is making not to address an issue that we’ve been waiting to have resolved for, basically, a year, and in that time it has been “adjusted”—to become more aggressive. I appreciate typepad’s need to protect itself broadly from spam, but there still needs to be some patch available to those of us who are negatively affected by the system.

to be clear, the reason we’re having captcha issues, as we have tried to explain, is because users comment repeatedly in short periods of time: we WANT them to do this, and to be able to do so freely. we’ve had issues with network blocks in the past but that’s not the problem here.

what is the exact comment frequency that triggers captcha? once captcha is triggered, how do you un-trigger it? if you restart your browser, will it release? at the very least (and it is the very least) can you provide us with specific ways to avoid activating the system?

> On Apr 8, 2007 5:42:34 PM, TypePad Customer Support said:

When multiple comments are submitted within a 10 minute period from the same location, you will be required to complete comment verification. Location is based on IP Address and not browser session, so exiting your browser or clearing the browser cache will not reset the prompt for comment verification.

Additionally, any HTML or links included in a comment will trigger a CAPTCHA. We have more information on the triggers for comment verification here:

http://support.typepad.com/cgi-bin/typepad.cfg/php/enduser/std_adp.php?p_faqid=176

We understand the need to complete a CAPTCHA for each comment has a negative affect on blogs like yours that encourage multiple comments on posts. At this time, we do not have an option in place that will allow you to disable comment verification completely, and we understand it is frustrating not to have any control over this feature.

We are continuously working on improving our spam fighting techniques and developing comment verification alternatives to the current CAPTCHA. We appreciate your feedback on this matter, and we will be sharing your comments with the entire TypePad team. It is always helpful to hear feedback from our bloggers, and we really are grateful that you have taken the time to share your feedback on how our changes have affected your blog. We will take your experiences with comment verification into consideration when developing new methods of spam fighting.

We appreciate your patience while we continue to battle spam. Please let us know if you have any other questions.

Thanks,
Jen

> On Apr 8, 2007 8:53:26 PM, we said:

jen:

you write: “When multiple comments are submitted within a 10 minute period from the same location, you will be required to complete comment verification.”

this is simply wrong. lets use, for example, this active thread:

http://yanksfansoxfan.typepad.com/ysfs/2007/04/lets_try_this_a.html#comments

–”yf” commented from the same computer and same location at 8:34 and 8:39 and was NOT caught by captcha.

but

–”sf” commented from the same computer and location at 8:14 and 8:35 and WAS forced into the captch system.

so why does it work sometimes and not others?

> On Apr 9, 2007 11:04:53 AM, TypePad Customer Support said:

Thanks for following up. As you and your users successfully complete the comment verification over time, the IP address and location details will be added to the unbanned list and you may see the CAPTCHA triggered less often.

Because IP addresses can be variable, and because some unrelated users may be using the same IP address at the same time, it is impossible to say with certainty the exact times a CAPTCHA request will be triggered.

For example, it is possible that “SF” shares a common or popular IP address, someone using the same root IP as another TypePad commenter.

We appreciate your patience while we continue our work to prevent users from being affected by spam. Please let us know if you have any other questions.

Thanks,
Zalary

12 comments… add one

  • Hey, thanks for trying guys. I hope things improve eventually, and I’m glad to know it’s not due to lack of effort on your part.

    Devine April 9, 2007, 2:22 pm
  • As of last season, if you create a typepad account, and “Sign In” to that account, it was the case that it would not matter even if you had signed in; posts would still be subject to captcha authentication. Because of that, I didn’t bother signing in as Typepad wouldn’t remember log-ins on my browser between sessions anyway, and just used the cookie-based “Remember personal info” radio input function, which is essentially anonymous.
    I just did a quick test after signing in to TypePad under my real account (it’s free if you want to test) and posted five quick comments with URLs. Captchas were sent after the fourth comment, regardless of the fact that I had authenticated. That’s probably the most frustrating part. It would be easy enough for Admins to IP ban/Account ban people that actually bothered spam under logged in accounts, leaving Captcha tests to anonymous posters.

    attackgerbil April 9, 2007, 2:32 pm
  • Also, why doesn’t Typepad allow you to view posting histories of logged-in commenters? I’d really like to easily track down things I wrote the night before in a drunken rage so I know to whom I have to apologize. Or not.

    attackgerbil April 9, 2007, 2:41 pm
  • A comment on the technical aspect – it seems like they have a “global” captcha system based on IP, which basically means the “spam detection” isn’t limited on this blog – if I comment here and another typepad blog in a short span, it’ll be caught. I’m guessing their current infrastructure doesn’t make for “personalized” captcha. Would probably take considerably more resources.. and as a sidenote, it seems like the site’s been slower than in yesteryear..

    Lar April 9, 2007, 2:58 pm
  • First time I’ve ever heard the name Zalary.

    Brad April 9, 2007, 3:05 pm
  • i am a bot.

    sf rod April 9, 2007, 3:11 pm
  • Lar: we’ve noted the slowness as well. Believe me, all options are on the table.

    YF April 9, 2007, 3:11 pm
  • All of my comments have been an elaborate ruse in order to gain your trust, then I will sell you all some marshland in Florida.

    LocklandSF April 9, 2007, 3:55 pm
  • i am spam

    dc April 9, 2007, 6:28 pm
  • i am spam

    dc April 9, 2007, 6:28 pm
  • spam i am?

    Devine April 9, 2007, 7:16 pm
  • YFSF – since you’re using TypePad, it might be time to switch to either Movable Type (same company as Type Pad, but you host it yourself) or WordPress (my favorite). I don’t know what your bandwith is, and how that effects your hosting needs, but a switch to your own server should give you much more control over comments.

    Max April 10, 2007, 12:05 am

Leave a Comment