For the last couple weeks, we’ve been getting a fairly heavy round of comment spam. For the last few days I’e been questioning the general intelligence level of spammers. A while back, I had mentioned it in a post and we went for a few weeks after that post published that we didn’t get any at all. It kinda did in my theory that the spammers didn’t look at the blogs they tried to spam. I’m going to digress into where that, now defunct, theory came from.
Before discovering WordPress, Andrea used to use MT to publish her blog. The amount of spam she was receiving and they way it was handled internally (with the version she had at the time), she decided to try WP as a solution. A year after she had switched, the web server error log sometimes showed that her biggest bandwidth use was spammers were still trying to post comments in her nonexistent MT blog (sending a 404 still uses bandwidth). We contacted the hosting provider and they were glad to adjust the server so it would drop all requests for her site for the MT comment page. Anyway, the point of the diversion is that obviously there were a few spambots out there blindly trying servers on a perpetual basis.
Since I now have the distinct impression that, with WP, spammers may need to visit the site to determine some things before they can send the bot off to do the dirty work, I expected that they might actually check to see if any spam has shown up on any old entries. And, possibly, come to the conclusion, after a while, that some WP installations are a waste of time and resources. And that kinda lead to what I said in the first paragraph.
Tonight, I was catching up on my reading and Christine mentioned that spam had made it through Askimet. Now, it all makes sense (well, as much sense as spam will ever make). Askimet is essentially a service available through WordPress that compares comments to comments received in thousands of other blogs. Once it identifies (or someone tells it) that a comment is spam, it then eliminates similar comments that are posted to any other subscriber’s (free) installation. To make a long story short, if you are using WordPress are are being inundated with comment spam, they are just trying to get by Askimet, without knowing whether you are using it or not.
I’ve got my wordpress set up so that all new commenters go into moderation, and I go in every day and delete several hundred spam. Not ideal I know, but I tried akismet, and it ate comments from one of my friends. Once it’s done that, it appears very difficult to get it not to do it, and I didn’t like the control panel for it either.
I hate spam.
We’ve also got the internal blacklist set up to automatically nuke spam containing certain words. I’ve found that most of WP’s internal options for comment do a far better job at deflecting spam than MT ever did.
Inundated in WP for us, means 10-20.
For MT, I sometimes got 100 overnight.
Hm, I haven’t got it set to automatically nuke very much – most of the spam atm is about things like loans, which I’d rather not wipe out as a possible topic of discussion iyswim. So I’m getting rather more inundated than you are then? Good for me.
Haven’t seen the loans yet, the most recent stuff has been about a certain popular search engine.
Want my blacklist?
ooh, go on then!