Uber Spam Attack, Oh My!

You know you’ve hit the big time when you’re under a comment Spam attack. Luckily I had Akismet installed, which caught pretty much all of them.

The Symptoms

For the past few days, I’ve been unable to log in to my back-end. The front-end was fine, so I wasn’t too worried about it.

Finally, I was able to log in, but it was very sluggish. I took a look at my comments queue and gasped. There were over 48,000 spam comments sitting in there. I was like, “No wonder!”

To put things in perspective, here is a screenshot. Look at December’s stats compared to January.

Over 180,000 Spam Comments in January

Reasons for the spam?

I honestly have no idea where all this extra spam came from. I recently got re-upgraded to a Google PR6. I’m not sure if that had anything to do with it.

Also, I pissed off a few people in December by blocking their comments (perhaps some retaliation?).

When I say in my comment form to use your “Real Name”, I mean it. My spam tolerance is pretty much zero these days.

Tools to combat comment spam

Here are the three tools that got me through my spam attack with little effect on those visiting the main site:

  • Akismet – Awesome at filtering out spammy comments
  • NoSpamNX (German) – Great at stopping spam bots. I imagine I would’ve gotten much more spam without this plugin.
  • Ajax Edit Comments – Yes, this is a plugin I wrote, but it has an awesome Blacklist feature that I use all the time.

16 thoughts on “Uber Spam Attack, Oh My!”

  1. Hey Ronald,
    48.000 Spam comments? That’s really bad!

    I use NoSpamNX, too. I’m very successful
    by *blocking* spam comments instead of declaring
    them as spam.

    If your referer check works fine (and I’ve got problems
    only on WP MU installations), than try to block the
    comments directly.

    Good luck,

    1. Dennis,

      I had blocking off, but I have since turned it on as of yesterday.

      I also configured Akismet to automatically delete spam comments on posts older than 30 days.

      It’s just crazy that this happened all of a sudden.

      1. > I had blocking off, but I have since turned it on as of yesterday.

        That will help a lot!
        I have never seen a comment marked as spam by NoSpamNX which wasn’t spam. So I decided to turn the “blocking” on and the automatic spam was nearly gone. Even without activating Akismet.

        But 200,000 spam comments in 3 weeks is really sick. Over 90% of emails are spam today. Maybe blog comments have reached a similar ratio now.

        Btw, AFAIKs link is very interesting, too. Thanks.

  2. I also used akismet to block all those useless spam comment on my blog. And your correct, most people blocking their comments perhaps maybe of some retaliation.That is why all of my comments are all moderated as well

    1. Gabriel,

      I don’t mark people as spam just because they pissed me off. If that were the case, 90% of the comments on this site would be marked as spam 😀

      If I think it’s spam, I mark it as spam. If it violates my comment policy, it’s marked as spam.

      I also have comment moderation turned off here. I hate visiting sites where I leave a comment and have no idea if my comment has been (or will be) posted or not.

      Akismet for me is a nice backup. But lately, as evidenced by the heavy influx of spam, it has been a literal blog saver. I can’t imagine manually deleting 200,000 comments, trying to figure out myself if they were spam or not.

  3. Wow! That is a lot of spam. I am a newbie in blogging and wordpress. I always delete akismet because I thought it’s useless just like ‘Hello Dolly’. I only use WP captcha anti-spam. Thanks for the write Ronalfy.

  4. Sorry to hear that. PR6 is definitively going to attract the spammer/crazy link builder abuser.

    I wonder if you have been referenced on a ‘do follow’ directory or something like this.

    Congrats on PR6 BTW 🙂

  5. I always joke to myself that I know my blogs have been indexed when I start getting spam. 🙂 I use Akismet and it does a great job, but some get through anyways. I bet whats happened is that someone found your blog to be a PR6 and put it on some list.
    Good Luck! Jen

Leave a Comment

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Scroll to Top