Yesterday morning my blog was flooded with a huge amount of spam (about 40+ in about an hour). I think that the use of any popular blog software (be it WordPress, Movable Type, Blogger) will make you an easy prey for spammers. I know of a couple of people that rolled their own software and haven’t had any spam issues. I have only had one incident of spam since my blog was first made public, but it’s definitely something that I don’t like.
Here’s my list anti-spam initiatives that I intend to take, depending on how bad I feel my spam threshold is being violated:
- WordPress Comment Moderation – The latest version (at least available from CVS) includes a comment moderation facility (like MT’s blacklist plugin). This can help you block known aggressors but still requires you to approve/delete each of comment.
- Change the name of the page being spammed – As of yesterday, I have renamed the standard wordpress comments page to something else. If this keeps spammers at bay for a while, I’ll be quite happy with that. If they seem to keep up with the changes (am I really worth the effort guys?), I might write a cron script or something to change the name daily.
- Change the name of the fields that are posted – Requiring a little more tweaking of the actual code (yay opensource!), I next intend to change the name of the parameters that are submitted, hopefully rendering spammer’s scripts somewhat useless.
- Port the security code (SCODE plugin) from MT to WordPress – If it comes down to it, I’m willing to plunge my head straight into PHP just to prevent spam.
- Adopt a Bayesian Filter – Brett mentioned this seemed to work quite well on some blogs but requires a bit of training. I hope not to have to get to this point.
I haven’t thought about how I can prevent spams from TrackBack URIs just yet, but I’ll cross that bridge when I come to it. If anyone has any other ideas, I’d love to hear about them, just to add to my arsenal (or should that be my canning factory?).
Update 23 Nov:
After reaching the second threshold in my anti-spam checklist, a simple check of the logs informs me that 176 spam comments have been blocked!