Spam filling up Database!
-
I’ve had a WP blog for 6 months now and spammers have now found me! I installed SK2 shortly after installation and I thought it was working great until I got 6500 spam in one weekend!
That meant 6500 rows in the DB and 300,000 rows in the SK2 log table. I’m sorry, 43MB of logs to stop 5MB of Spam, seems a step backward.
Besides blocking access to my php scripts by IP how can I prevent a trackback spam getting in the database entirely but still have the function available? I’ve applied to get an ASKIMET API KEY twice and never gotten a response…
-
You don’t “apply” to get an akismet key. You create an account at WordPress.com, and upon registering, it automatically gives you your key. You have to look in your settings when you log in.
Are you only using Akismet? You also need Bad Behavior. Add on some Spam Karma love, and you’ll be set.
You don’t need Bad Behavior. Only one is fine and using both is overkill. Just a waste of CPU cycles.
Create a non-blog account over at wordpress.com and it will email you a copy of your API key. Put it into the Akismet plugin, either directly into the file via an edit or via the Dashboard menu. That’s all you need.
Spam Karma
Add on some Spam Karma love, and you’ll be set.
Spam Karma 2 (Final) is and has been being used and it has let thousands of spam fill up my database and has produced 8 times as many Spam Karma log entries as there have been Spam.
Spam Karma has only saved me from having to mark a trackback as spam, nothing more. I don’t even want Trackback spam to get in at all.
Akismet
Tried to register under 2 different usernames with 2 different email addresses and never received an email with my password.You don’t need Bad Behavior. Only one is fine and using both is overkill. Just a waste of CPU cycles.
I’ll politely disagree.
I see Akismet and Spam Karma 2 essentially doing the same thing as far as spam processing. Running both of those could be considered a bit of overkill (although the SK2 plugin that uses Akismet is rather slick).
However, I see BB working great with either of those two. It’s much more pro-active and there’s not much (any?) overlap at all. It’s out in front of the whole spam process.
Just my 1.5 cents.
You don’t need Bad Behavior.
Pardon for using “need” – what I meant was that Bad Behavior works very well with Akismet, and I’ve found it’s very effective to use the two together.
I don’t even want Trackback spam to get in at all.
Then use Bad Behavior instead and get rid of Spam Karma. Like Mike said, using both is overkill (I thought I put that in my original response, but I guess I didn’t. Sometimes my head moves faster than my fingers.)
Tried to register under 2 different usernames with 2 different email addresses and never received an email with my password.
As I stated in my previous response – you don’t “sign up and get an email” for Akismet. If you mean you signed up for the wordpress.com account, then I would check your host’s spam logs – I’m willing to bet that whatever host you’re using has marked wordpress.com emails as spam, and they’ve blacklisted it. That’s why it didn’t come to your inbox. (Especially if using gmail – you need to log into your gmail account and view the “spam” – it’s most likely in there)
You can never have enough DATA….
I have gradually built up a solid (100%) defense against trackback spam in my WordPress 2.3.3 blog which I host at home (Mac OS X Server). The ingredients are as follows:
— Registration is required, with user’s email address confirmed.
— Trackbacks are OFF in WordPress settings (as if that makes any difference).
— Akismet 2.1.4 plugin installed and activated.
— Worst Offenders 0.2a plugin activated.
— WP-Ban 1.20 plugin activated.
— Bad Behavior 2.0.13 plugin activated.Akismet definitely “works” to the extent that it thoroughly filters trackbacks and allows you approve/disapprove stuff. But it’s annoying and tedious, especially because I have trackbacks already turned off in WP! You can always simply let Akismet age and then trash trackbacks automatically.
Worst Offenders and WP-Ban work well together, if you enjoy tinkering. Worst Offenders clusters the main sources of trackback spam by sender’s IP#, and if you collect all those IPs and add them to WP-Ban’s banned-senders list, you can eventually lock out in advance 99% of the trackbacks that Akismet would normally collect. You only need to update WP-Ban’s banned list occasionally thereafter. Plus WP-Ban lets you display any rude error-message HTML page to spammers. ??
If you want to KILL trackback spam entirely, I suggest the Bad Behavior plugin. It hasn’t malfunctioned (“mal-WHAT?”) for me at all, even while it’s running concurrently with the other plugins listed above, and I suspect that I could run only Bad Behavior and get 100% protection (I may try that later). Admittedly this very powerful plugin needs careful observation, might block the wrong trackbacks or users, or might conflict with other plugins. Drive carefully. Byee!
Here’s the thing though:
— Registration is required, with user’s email address confirmed.
I know that when I, personally, see that I have to register to leave a comment I just don’t. And I bet I’m not the only one.
Just my opinion, of course, but I find forcing registration cuts back on what might have been useful comments.
UPDATE….
Well, maybe not “100%” defense. After activating Bad Behavior, I got ONE trackback-spam (caught and held by Akismet plugin) in 24 hours. No big deal, I just added the spammer’s IP# to my WP-Ban exclusion list and then deleted the trackback. Still, I’m pleased.Forgot to mention this…. Here’s an earlier rave about my original anti-spam setup and testing; note that earlier, funkier versions of various plugins were then in use, and Bad Behavior had not yet been deployed in my server.
Yo, HandySolo, I totally agree that “forcing registration cuts back on what might have been useful comments,” but registration also keeps the flamers and goofs locked out. There are plenty of public blogs out there where mad dogs can mark their territory.
registration keeps goofs out? Not hardly. If someone really wants to goof on your blog, registering isnt going to stop them. Its the casual passerby that isnt going to register, and prolly wont come back. I can think of ONE blog that I revisit, that requires registration to comment, just one blog. The rest I wont be bothered with.
They open up registration about once every few months, and I finally caught them on day they happened to open.
—
Now I can goof on their blog.
Yup, we’re about to wander off-topic starting about NOW…
First, Whooami, forget about all this blogology stuff, your village-idiot.org is very excellent. In ways both technical and political. Not just sayin’ that.Back to topic….
A newly-registered member in my blog would still have to get past the rule “Comment author must have a previously approved comment.” Harsh. It’s as if I was formerly a tech-magazine editor, heh.My blog’s dirty little secret is that I’m not really trolling for comments or even new blog members. Satisfaction comes from scanning my server logs and discovering how many hundreds of eyeballs (not robots) stopped by every day, explored the whole place, and then left without dirtying the bathroom. I’m not trying for website “stickiness,” just frontal impact on the reader (one of your header quotes said it quite well: “The harder you fall, the higher you bounce”).
- The topic ‘Spam filling up Database!’ is closed to new replies.