(Updated, see below)
In short: I know moving from Drupal to WordPress would increase the amount of spam I was attracting, but I didn’t know-know it. Now I know. Holy cow, that was a lot of spam.
Y’all probably didn’t see any of it, because Akismet was doing what it was supposed to do and kept it out of the comments. But Akismet doesn’t stop spam accounts from registering, and in the short time I’ve been up my database has grown significantly just from storing all those fake user IDs and links to knockoff shoe websites.
(And… life insurance plans? Seriously, folks?)
Anyway, I had to take drastic measures. I’ve installed a plugin that not only stops comment spam as it happens, but is also supposed to prevent spambots from automatically registering accounts. It also went through my database, identified which of the user accounts were spam accounts (hint: it was most of them) and remove them from my database.
It’s the last step that has me worried, though. It needed to be done, but I’m worried about false positives. There is a chance that if you were one of the few real people who created an account on this site it deleted you. I don’t think it happened, but it’s possible. If it did happen to you, I apologize. If you find yourself being blocked from creating a new account, let me know and I’ll try to help.
Anyway. Hopefully this makes the problem more manageable in the future. You’ll note I didn’t say “hopefully this solves the problem…”
Update
Umm, ok. So in the course of actually registering a security plugin I’d already installed, it went ahead and enabled two-factor authentication on my site. Which seems like… um… overkill, to be quite frank, but when I try to turn it off the plugin starts shouting at me about security and how I’m being irresponsible, and how I should have gone to medical school and held down a real job instead of whatever it is I’m doing now.
It looks like y’all can choose to skip over it, so I’m leaving it up for now, because I’m being successfully bullied by a freaking plugin.
8 comments
Yea, I’m still here
Isn’t that what computers are for? To bully innocent developers?
Interesting chicken and egg scenario you raise there, Kai. 🙂
Well, I think I still exist here.
In certain forums I’ve seen, they usually get at least one post about how you can make money stuffing envelopes or or working thru google or such. It seems you’ve managed to stop those.
For a while I managed to stop everything!
Which plugin? I was comparing them last weekend and didn’t see the one that would purge existing ones.
CleanTalk. It didn’t get all of them, but it did get a heck of a lot… I’m using it instead of Akismet now. Akismet is great at stopping comment spam, but CleanTalk also blocks registrations and you can use it to flag spam accounts, too.