Tom Duong › Likes

Daniel J. Pritchett
Neverending WordPress spam wars continue. While I've managed to plug the gap of people dumping thousands of spam comments into old posts, I still seem to be losing huge amounts of bandwidth every day to spammers who keep hitting the site daily. I used 0.6 GB of bandwidth yesterday and I don't really know what to do about it at this point.
CPanel allows me to IP ban those top few offenders, but that just sets up a cat and mouse game of me checking logs to see who's gone too far and banning them one IP at a time. Surely there's a better way? I've had to triple my yearly hosting package this month just to keep ahead of my bandwidth cap :( - Daniel J. Pritchett
For reference my "pre-spam" bandwidth use was *maybe* 50-70 MB/day. I've gone up by an order of magnitude and I'm not seeing any real change in actual readership. - Daniel J. Pritchett
You can do it a lot easier by manually editing the .htaccess file in the root directory of your host. Just go in there, open the file called .htaccess and look for a line that says Deny from XXX.XXX.XXX.XXX ... just repeat that line with every IP on that list and see if it helps. - Trent Hamm
Trent - I'm sure this CPanel widget is just modifying .htaccess for me. I'll keep that in mind if I ever feel like doing it via FTP rather than CPanel, but that's not really what I'm after. I need a way to proactively save myself from these problems. The only way I really know right now is to use a larger hosting provider that will protect themselves from spam (like say Blogger or WordPress.com) but I'm really hoping I won't have to abandon my self-run WP.org setup just yet. - Daniel J. Pritchett
I feel for you. I had major issues a few months back with spam injection links, and it took a fair amount of time to get everything cleaned up. I imagine you've already done these things, but you can disable comments on posts of a certain age, and you can look at banning offending IPs, domains that spam is coming from, as two initial steps. - Patrick Jordan
That's about the best you can do unless you can get a network provider to block those IP addresses. You might want to talk to your hosting company about it, as I know that at least some will block the worst spammers upstream of your server. - Trent Hamm
It depends on whether or not it's bandwidth of stuff you're sending to them, or stuff they're sending to you. The "Cookies for Comments" plugin will stop you sending anything of substance back to them, as well as stopping their spam from getting into your comments. If it's stuff they're sending to you, then there's little you can do about that. http://wordpress.org/extend... - Otto
Also, the httpbl will block known comment spammer IPs. Good way to stop those heavy hitters, since they're all in the blocklists: http://wordpress.org/extend... - Otto
The weird thing about this is that this report's numbers are very high; to have Gigs of text (comments) you would need to be hit by millions of requests. Is that the case, Daniel? - Jorge Escobar
It's not even comments as far as I can tell, at least not on my site. It's possible they are getting comments through to IntenseDebate and then those are just not showing up for me. I think they are failing to comment but still hammering me with squillions of page loads. I'll get that HTTP:BL plugin ASAP, thanks! - Daniel J. Pritchett from IM
Do you have Akismet enabled? - John Craft
Do you see any unusual activity when you tail -f your apache logs? - Jorge Escobar
Daniel: Nah. 1.4 GB / 16724 = ~87K, which could be feasible for somebody spamming comments. Especially if the comment is getting to the system, going to akismet, getting back a rejection, and then WP is serving up the full single page (sans his spam) back to the spammer. Best way to deal with known spammers is to serve them absolutely nothing. - Otto
Jorge - I looked up the referrer logs and found the last visit from one of the worst offenders - looks like he just crawled the site? http://friendfeed.com/dpritch... - Daniel J. Pritchett
That HTTPBL plugin doesn't seem to work with the latest WordPress 2.8.1. I'll have to poke around and see if I can figure out why. - Daniel J. Pritchett
It made me happy to see one of the explicitly banned spammers get a 403 from my server a few minutes ago though: 94.76.213.204 - - [28/Jul/2009:17:43:52 -0400] "GET /2009/05/collaboration-throughout-the-centuries-a-letter-from-a-reader/ HTTP/1.1" 403 - "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)" - Daniel J. Pritchett
seems like a low bandwidth cap if 0.6gb/day is a problem. many hosts offer 200+ gb monthly on standard plans. - Mike Chelen
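
The log-checking routine discussed in the thread above (find who is eating the bandwidth, then add "Deny from" lines to .htaccess), as an added example that is not part of the original thread or any participant's code. The function names, the byte limit and the sample lines other than the 403 line quoted above are assumptions made for illustration.

```python
import re
from collections import defaultdict

# Apache "combined" log format, the format of the 403 line quoted in the thread.
# The size field is "-" when no response body was sent.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "[^"]*" (?P<status>\d{3}) (?P<size>\d+|-)'
)

# Sample input: the first three IPs' lines are constructed (RFC 5737
# documentation addresses); the 403 line is the one quoted in the thread.
SAMPLE_LOG = """\
203.0.113.7 - - [28/Jul/2009:17:40:01 -0400] "GET /2009/05/post-a/ HTTP/1.1" 200 87000 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)"
203.0.113.7 - - [28/Jul/2009:17:40:02 -0400] "POST /wp-comments-post.php HTTP/1.1" 200 87000 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)"
203.0.113.7 - - [28/Jul/2009:17:40:03 -0400] "GET /2009/05/post-b/ HTTP/1.1" 200 87000 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)"
198.51.100.23 - - [28/Jul/2009:17:41:10 -0400] "GET / HTTP/1.1" 200 12000 "-" "Mozilla/5.0"
94.76.213.204 - - [28/Jul/2009:17:43:52 -0400] "GET /2009/05/collaboration-throughout-the-centuries-a-letter-from-a-reader/ HTTP/1.1" 403 - "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)"
this line is truncated garbage and must be skipped
"""

def bytes_per_ip(lines):
    """Sum hits and response bytes per client IP; unparseable lines are skipped."""
    totals = defaultdict(lambda: {"hits": 0, "bytes": 0})
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue
        entry = totals[m["ip"]]
        entry["hits"] += 1
        if m["size"] != "-":          # "-" means zero body bytes (e.g. a 403)
            entry["bytes"] += int(m["size"])
    return dict(totals)

def deny_lines(totals, byte_limit):
    """Return .htaccess lines for IPs over byte_limit, heaviest first.

    "Deny from" is the Apache 2.2 syntax used in the thread; Apache 2.4
    expresses the same ban with "Require not ip".
    """
    offenders = [ip for ip, t in totals.items() if t["bytes"] > byte_limit]
    offenders.sort(key=lambda ip: totals[ip]["bytes"], reverse=True)
    return [f"Deny from {ip}" for ip in offenders]

if __name__ == "__main__":
    totals = bytes_per_ip(SAMPLE_LOG.splitlines())
    for ip, t in sorted(totals.items(), key=lambda kv: -kv[1]["bytes"]):
        print(f'{ip:15} hits={t["hits"]:3} bytes={t["bytes"]}')
    print("\n".join(deny_lines(totals, byte_limit=100_000)))
```

The already-banned address shows up with one hit and zero bytes, which is the "serve them absolutely nothing" outcome described in the thread.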
Daniel J. Pritchett
Save your bandwidth from comment spammers using "Bad Behavior" for WordPress - http://wordpress.org/extend...
"Bad Behavior complements other link spam solutions by acting as a gatekeeper, preventing spammers from ever delivering their junk, and in many cases, from ever reading your site in the first place. This keeps your site's load down, makes your site logs cleaner, and can help prevent denial of service conditions caused by spammers. Bad Behavior also transcends other link spam solutions by working in a completely different, unique way. Instead of merely looking at the content of potential spam, Bad Behavior analyzes the delivery method as well as the software the spammer is using. In this way, Bad Behavior can stop spam attacks even when nobody has ever seen the particular spam before." - Daniel J. Pritchett from Bookmarklet
I've installed this today and it appears to be the proactive spam fighting solution I was looking for. One catch - it requires a minor modification to WP Cache or WP Super Cache if you're running those. - Daniel J. Pritchett
Bad Behavior is a bit over-protective, sometimes. Lately I've switched to using the httpbl plugin and it works quite well. http://wordpress.org/extend... - Otto
I was using HTTP:BL yesterday but it didn't really give me the logs to make it obvious that it was doing anything. At least with Bad Behavior it looks like something's happening... - Daniel J. Pritchett from IM
HTTP:BL gives plenty of logs, but you do have to turn them on. By default they're off for speed reasons. - Otto