Tis the season…

Posted on 21 Dec ’11 by Earl

Earl Moore Photography
Candy Canes, better then SPAM

It seems to be the season for SPAM — not the meat product. I’ve noticed SPAM comment attempts at an all time high at Meandering Passage, as you can see in the graphs below, but so far I don’t believe any of these comments have made it through my multi-layer defenses. I know, I just jinxed myself. :-)

I use three different methods for SPAM prevention on Meandering Passage:

> My outer defense is the Bad Behavior WordPress plug-in which denies many automated spambots access, according to it’s stats it’s denied over 8600 attempted connections in the last week. But some still get around this.

> Next, I use the Akismet Anti-Spam WordPress plug-in to filter out/block SPAM comments. You can see the graphs of SPAM comment attempts below — the last several years and the last six months.

Earl Moore Photography

Earl Moore Photography

> Finally I have WordPress set so I have to manually approve the first comment by any new commenter — this uses the unique IP address to determine the commenter ID. A very few, less then five this year, have made it to this last checkpoint and when they do I mark them as SPAM.

Anyone seeing this same increase of SPAM and have you got a better way to handle it?

What Others Are Saying

  1. Monte Stevens 21 Dec ’11 at 11:35 am

    Been quiet for me. My highest month this past year was June. Now, I’ve probably “just jinxed myself.”

    • Earl 21 Dec ’11 at 11:39 am

      Humm…perhaps Meandering Passage has gotten on some list I wish it wasn’t on.

  2. Don 21 Dec ’11 at 12:35 pm

    A beautiful abstract. Your defenses are impressive and produce great results.

    • Earl 21 Dec ’11 at 2:34 pm

      Thanks, Don, and a Merry Christmas to you.

  3. Mark 21 Dec ’11 at 1:10 pm

    Wow Earl, and I thought Bad Behavior was smacking away a lot of pests from my site with 1500 blocked attempts. Bad Behavior is now credited with blocking away the hackers that brought down my site awhile back. If I had it installed before, I probably would have not had the outage. I have sent the programmer a donation for his great work on this plugin.

    It is hard for me to tell what may be legit connections that Bad Behavior is blocking though. I am assuming they are in the minority.

    I also use Askimet, and it does ok – it was still letting through quite a bit of spammy comments. Then I installed the plugin that asks people to confirm they are not a spammer, and that took care a good majority of the ones that got through. It seemed not too intrusive to legitimate commenters.

    Other than those things, I have done a lot of IP blocking for addresses that I see come up frequently.

    The ones I can’t do much about are the actual humans that seem to be paid to surf and manually spam. Many of them leave comments that sometimes fool me until I look at what they are linking to with their names.

    • Earl 21 Dec ’11 at 2:49 pm

      Mark, about three years ago an unknown hacker exploited a temporary WordPress venerability to create a secret admin user on my site. It was by luck I caught it before any long term damage was done. Since those days I’ve been very careful about security and have been using Bad Behavior for some time. Like you it’s hard for me to tell if the connections it’s blocking are really bad or not but I’d just as soon not take a change.

      I’m happy with Askimet overall. Those paid personal spammers still slip a comment by it once in a while but their first comment still has to be approved by me and once I mark them as spam any other entries from the same IP address goes straight to the spam folder. I always look at the URL they are submitting with the comment.

      But hey, those human spammers are very complimentary about my posts, even if they can’t spell and often have limited command, it seems, of any language! ;-)

      Best holiday wishes!

  4. Colin Griffiths 21 Dec ’11 at 3:05 pm

    Earl: you are making me feel very inadequate. For 1. I don’t get any spam so I can only conclude that I’m just “not out there” :( 2. Today’s image makes me feel totally bereft of any creative skills in the digital image world. I doff my hat off to you on your creative abilities!

    • Earl 21 Dec ’11 at 4:02 pm

      LOL — Collin, it appears I and this blog are popular with all the wrong people. Be careful what you wish for! :-)

      As far as a lack of creative skill, I’ve seen your photography so you can’t convince me of that.


  5. Markus Spring 21 Dec ’11 at 5:09 pm

    Earl, thanks for that hint to “Bad Behavior”, which I installed that very minute. While akismet does a good job in keeping spam at bay, another line of defence is even better.

    @Colin: No visible spam is one of the great advantages of the google blog system. The have the knowledge to handle all this without bothering the user. Sometimes I envy this.

    • Earl 21 Dec ’11 at 10:51 pm

      Markus, glad you you’ve found “Bad Behavior.” I’ve run in for years with no problems.

  6. Eric Jeschke 22 Dec ’11 at 5:24 am

    Hi Earl,
    Your numbers sound about par for the course, I would say. It just comes with the territory, i guess. Definitely a drag having to police that stuff, but I think with the tools at hand it’s not too bad considering the overall number of attempts!

    • Earl 22 Dec ’11 at 8:37 am

      Yeah, there’s just been a big bump this year and especially this month for SPAM. It’s easy enough to handle but it all falls on us to provide the resources to do so.

  7. Paul 22 Dec ’11 at 5:39 am

    Thanks for the heads up on Bad Behavior, Earl. Please feel free to pass along any other plugins that you find useful. I use Askismet and Spam Karma 2. These plugins keep the blog ‘mostly’ spam free, but lately, there have been a lot of human spammers, it seems. Those are easy enough to detect.

    Curiously, though, it seems that even though I have the option checked, first time users still get through, but perhaps they have been through before and approved them? But, I don’t think so. Anyway, thanks again for the heads up. I installed the plugin before even reading the comments. :)

    • Earl 22 Dec ’11 at 8:44 am

      Paul, no problem. I guess I just assumed most WordPress users were using Bad Behavior.

      On those human SPAM comments that show up awaiting approval, I depends it depends on how you deal with them. If you simply delete them the next comment from that IP address will show up again for approval but if you make them as SPAM they will be blocked automatically…at least that’s the way my installation seems to work.

      Have a Merry Christmas and a Happy New Year!

  8. pj 22 Dec ’11 at 3:51 pm

    I haven’t noticed a spike in spam comments, just a gradual increase. I guess it goes with the territory. Akismet works fine for me — maybe 1 in 1000 gets through.

    Great Christmas image, and I hope your holidays are happy Earl.

    • Earl 22 Dec ’11 at 4:52 pm

      Thanks, pj and happy holidays to you too!

  9. Ken Bello 22 Dec ’11 at 5:37 pm

    I have not noticed an increase in spam in the past months and I admit I don’t check very often. I should be more vigilant.
    I love this photo, Earl. Happy Holidays.

    • Earl 23 Dec ’11 at 10:21 pm

      Ken, if you’re not noticing it you probably don’t have a problem.

      Thanks, and Happy Holidays to you too.

  10. Paul Maxim 23 Dec ’11 at 9:52 am

    I haven’t seen any increase either, Earl. My plot of spam looks like a uniform distribution of about 400 a month. And I’ve never had one actually appear as an “approved” comment. Must be I just don’t attract enough attention!

    • Earl 23 Dec ’11 at 10:24 pm

      Paul, just as well because it’s not the type of attention you want.

      From the blocked spam URL links it looks like many are pushing ugg shoes this year…probably knockoffs from China.

  11. Andreas Manessinger 30 Dec ’11 at 9:17 am

    Same here. It got really bad in November. By mid-December I closed comments for posts older than 7 days and that made a big difference.

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>