Damn spammers
You may or may not have noticed but every afternoon the site goes down for a bit. That’s because, according to my host provider, the site is getting barraged with referral spam. Beyond my control. Hell, I thought I’d gotten rid of them by finally banning trackbacks and pingbacks. But they’ve found a new way to be a pain in the ass.
April 11th, 2008 at 12:33 pm
Sadly, removing the capability of your weblog to accept pings does not necessarily stop the pings from coming in… they just all receive 404s, or the equivalent error page.
There is a way to convince your server to accept more pings before reflexively shutting off all contact to the world, but I will be buggered if I remember how :).
April 11th, 2008 at 1:24 pm
Most of this spam is now coming out of third world countries … they are even paying people in India, etc, to pas Turing tests to place comment spam.
You might consider having your host tell you what countries the spam and pings originate from, and then having those entire IP ranges dropped on the floor.
I use .htaccess to ban entire countries … they can no longer see my blog, so they don’t even try to spam me any more.
April 11th, 2008 at 2:51 pm
Spammers can all burn in hell.
Have you tried the ‘bad behavior’ plugin? It also won’t stop the requests from coming in — don’t know if it’ll help with server load or not.
Unfortunately, the other fix is to start mucking with .htaccess, as Kristopher said. That can get tedious quickly, but if there is some commonality among the worst offenders, a few lines can be more effective. I do some of this for my site. Example:
SetEnvIfNoCase Referer {offending domain name} spammer=yes
… {more lines similar to above}
order allow,deny
deny from 75.126
… various additional IP address blocks here
deny from env=spammer
allow from all
It’s possible you could use Referer to find common strings used by the spammers. Difficulty is in not blocking legitimate requests.
Have you read through the various articles at wordpress.org for combating spam?
April 11th, 2008 at 11:40 pm
I just started getting them, too. Bastards.
April 12th, 2008 at 8:42 am
I get 2,000GB of transfer a month, so I don’t have any problems (not that I’d have problems anyway). I just turned off user registration and that stopped almost all the spam I received.
April 12th, 2008 at 8:53 am
Ahah! .htaccess was what I was thinking of. Just be aware that you can seriously break your webpage if you muck it up too badly, which I almost did, which could be why I intentionally forgot about it…