The ups and downs of the fight against blog spam
I’m always interested in the spam cycles on the blog—which I assume merely reflect the spam cycles on WordPress and its anti-spam plugins. By “spam-cycles” I don’t mean anything to do with email, I’m taking about the bots (or whatever they’re called) that plague the comments sections of blogs. They’re programmed into being by people, I assume, but then they’re automatically generated in enormous numbers and come with enormous frequency. They will completely take over comments if there are no defenses in place against them.
Their purpose is to increase the rankings of the sites that send them, in line with the Google algorithms that determine these things. They probably have other purposes too, but I forget what they are and I don’t feel like investing the time to look it up right now. There was a period when this blog got many thousands per day that were captured in the spam filter—and I mean something like ten thousand or so per day, which I would need to delete two or three times a day or they would start to gum up the works.
Then quite suddenly the volume went down to hundreds per day. Apparently, WordPress and the plugins (sounds like a 50s rock group) was making headway against them. That lasted for quite some time, maybe a year.
Then it got even better. Maybe twenty a day, and I could go for ages without even needing to clear the spam file.
And then, just as suddenly, about two days ago the number zoomed up to close to a thousand a day. This is still very manageable—after all, the vast majority never see the light of day, and it’s easy and only takes a moment to get rid of the whole folder each day. But I noticed that the spam is almost all coming from one particular site that specializes in proxy IP numbers.
It seems that this one site—like a rogue virus—has managed to find a way to elude whatever defenses WordPress and the WordPress plugins have set up so far, defenses that are adequate to almost all the other viruses. I look forward to seeing how long it takes WordPress to marshal its defenses again and defeat (temporarily) the spambot.
Reminds me, I just had two voice mail messages, both robo sounding recordings in Chinese on my cell.
I don’t even know what to do with that.
The ‘bots were busy colluding, but now they have more time.
Also, a single ‘bot farm may be experimenting with defenses that might enable more nefarious activities; I don’t know enough about WordPress and other blogs, but software tends to be communal and replicative, so a weakness in comment filters might signal a weakness in more sensitive applications.