Some of you may know that I switched this blog from Blogger platform over to self-hosted WordPress very recently, thanks (or no-thanks) to Blogger’s decision to cease support for FTP publishing from 26th March onwards.
My blog has always been fine and relatively spam-free for the entire duration when I was on Blogger – about 7 or so years. I get maybe 1 or 2 spam comments every couple of MONTHS. Maybe my blog was (and still is) relatively unknown and only read by my friends and perhaps a few “drive-by” bloggers visiting other sites, helped with keeping the spam count so low.
However, as soon as I switched over to WordPress, spam comments started appearing. Not too many at first, maybe 3 or 4 per day. Still manageable. However, as of last night approximately 11pm Singapore time, I started getting a spate of automated spam-bot comments. No, none of them made it into the blog, all were flagged as spam and held in the moderation queue (yay for Intense Debate‘s spam filters!). However, there were like 300 of them in the span of 10 mins or so.
I really would like to know how the hell these spammers found my blog. It’s been so unknown over 7 odd years and suddenly when I switch over to WP, they notice me. Is there a WP Blog directory listing somewhere on the Internet that these spammers go to look for new victims or what??
Anyway back to the point of this post. Having to go through 300 spam to delete is still a chore, even if they are held in the moderation queue. There is no way (that I know of) to automatically delete them after a set period of days, say 7 or 14 days. What happens if there’s a legitimate comment in the queue that accidentally got flagged because the commenter put in a couple of links? I’d have to wade through 300+ spam comments to find the legitimate one!
So off I went, searching for a CAPTCHA type of plug-in for the blog. Yeah that was the first thing I thought of. Since I use Intense Debate commenting system, I looked there first. No luck. I talked to Intense Debate Support via Twitter, and they confirmed that they do not have any CAPTCHA solutions.
Then I found something called WP-SpamFree in the WordPress plugin directory. The name sounded familiar, and I remembered Daphne mentioned it before in a plurk, and she said she liked it.
At this point in time, I was skeptical because I am not using the native WordPress commenting system – I’m using Intense Debate. I did not see how WP-SpamFree might work if I wasn’t using the built-in one. Secondly WP-SpamFree claims to work its magic without using common methods such as CAPTCHA to verify that the commenter is a real human. I just didn’t see how it could possibly work, but seeing as I had nothing to lose except spam comments, I installed it anyway.
The installation and activation went without a hitch. No need to edit any files, no need to check/uncheck anything else. The default settings pretty much covered everything.
And then my jaw dropped. WP-SpamFree started to record the “kill-counts” of spam. NOTHING NEW entered the moderation queue! I was amazed for 2 reasons – it worked with an external commenting system, AND it worked without the user realizing anything was different! On the surface, the user will see nothing new, nothing different.
Of course, there will be a small percentage of users that will encounter problems when they come to this blog. Those would be the users that have Javascript and/or cookies disabled. However the vast majority will notice no difference at all.
WP-SpamFree really does kick butt!
ps: As of this writing, spam-bots are still trying. And still failing. *evil laughter*
pps: A couple of friends reported possible problems when I was running WP-SpamFree, hence I have now switched over to NoSpamNX. Same effectiveness, minus the problems!
Related articles by Zemanta
- Protect your blog from spams (teabreak.pk)
- Add reCAPTCHA Protection To Your Websites (shankrila.com)
- Add CAPTCHA To WordPress with JR Antispam (wpjedi.com)
- Migrating from Blogger (esp FTP) to WordPress (nofluffjuststuff.com)