Skip to content

Jack-O-Lantern User Agent Considered Harmful

While researching some of the spam comments submitted to blog, I ran across the Jack-O-Lantern user agent. Any comments submitted from my blog are run through a unique WordPress comment post script I wrote. The script allows me to track who is spidering my site and storing the comment form URL for later usage.

One of these comment spams tried to use a form generated by a specific IP address. I looked through my server logs and saw that the page was generated on December 4th, 2007, at 2:30pm. There was no referrer given, but the User Agent was “JACK-O`-LANTERN/1.1” (case and back-tick intact). The first spam comment came through two days later, on December 6th at 2:22 pm. Since then I’ve recorded 113 attempts to submit comment spam to my blog from that URL.