Skip navigation

A Day in the Life of a Paranoid Website Administrator

Let me introduce you to a typical day in a paranoid website administrator. In WordPress v1.2, after several months of spam free use, the comment spammers slammed my site. I tried all kinds of spam catching tools that worked, but my paranoia grew. Like most site administrators, I hated those time wasting monsters.

With WordPress 1.5, without any plugins, comment spam dropped almost to nil. There were maybe 5 comment spams a week. Remember, these include the occasional idiot time waster trying to link my site to theirs or just posting stupid stuff, comment spam that can easily get through most spam catching software. I have a top page ranking site with over 700 articles. That kind of popularity and visibility attracts a lot of freaks, whackos, and time wasters. Now, almost nothing. Comment spam, for the most part, is controlled and controllable.

With no comment spam coming in, I started to get worried. What if the new process was cutting out GOOD comments? I installed Paged Comment Editing Plugin from ColdForged which allows me to SEE what WordPress is catching. I was stunned at how little was actually coming through. Using the plugin, click on include spam to see what is being caught highlighted in a pink background. I can easily delete these, removing them from my database and saving some space. Nice.

Then one day I got hit by about 25 viagra/casino spams. While these were caught by WordPress comment spam filters, they showed up in pink using ColdForged’s Paged Comment Editing Plugin. The monsters were in my spam catching database, eating up valuable space on my server. Well, not really but I was angry anyway. Remember, I’m paranoid about comment spam. After several months with only the occasional irritant, I was pissed, so I added the Bad Behavior Comment Spam Plugin.

Again, things trickled down to a nothing and I got paranoid again. Comments were being bounced by Bad Behavior before they even got in the door. It was “too quiet”. I was paranoid. So I added Bad Behavior Stats so I could keep track of what it was doing. Bad Behavior was catching a LOT. On average, it nails 500 known comment spam spiders, robots, etc., every week.

But you see what happened? WordPress stopped the majority of the comment spam out of the package. I got paranoid so I added plugins to help me deal with MY paranoia not the comment spam!

Three Step Solution to Stopping Comment Spam

Luckily for WordPress users, and other blogging or CMS software, most of the filtering out of comment spam is done by the program or comment spam plugins. WordPress does an amazing job catching comment spam without any add-ons, but spammers work overtime to get in the door so you might consider adding some reinforcement.

Many people choose to stop comment spam by using an authorizing image tool or plugin. Near the comment form, a box with letters and/or numbers will be visible and they require the user to type what they see in the box in order to “authorize” their comment. For the most part, these work, but they don’t always work and they put a burden on the user to “see” the characters and type them in correctly. This can be frustrating.

Other comment spam tools allow you to set certain words, called Spam Words, to filter out comments with those words in them. This works for a time, but the comment spammers are smart. For example, you may have the word “viagra” set as a spam word. While you are seeing the word “viagra” in those quotes, this is how I am really spelling it:

& #118; & #105; & #97; & #103; & #114; & #97;

Or they will use a word like “fiôricët” and hide the “o” and “e” from filters because those are replaced with character codes for the foreign letters of “o” with circumflex and “e” with diaeresis symbols as fi & #244;ric & #235;t. See the little characters above the letters? Comment spammers are wickedly cunning and it’s up to you, the site administrator, to be a little smarter by using smarter tools to prevent comment spam.

With WordPress, I personally use a three-fold approach to dealing with comment spam.

Stop Them at the Door with Bad Behavior
Bad Behavior StatsThe Bad Behavior comment spam plugin for WordPress literally gives the finger to comment spammers when they come knocking. It stops the robot spammers before they get in. The program works so effectively, you might think it isn’t working, so there is the Bad Behavior Stats WordPress Plugin that can be posted on your site or on your WordPress Administration Panels to let you know how many access attempts have been made over the past seven days.
Nail Them with Spam Karma 2
The WordPress comment spam catcher Spam Karma 2 is better than ever at filtering any comment spam that gets through, adding the bad robots to the blacklist, and giving you powerful control over your comment spam filters. It’s overwhelming and intimidating. For the most part, I leave it set to it’s defaults and it does the job. You can read through the documentation if you want to understand how it works – or just let it work. And work it does!
Watch the Comment Spam Filters and Plugins Work
Okay, so maybe I’m a bit of a control freak, but I want to know what spam is being caught and I’m worried about good comments getting grabbed by the spam catchers. ColdForged’s Paged Comment Editing Plugin for WordPress allows me to click a link to see the caught spam in my database. I can then look through and decide what is really spam and what needs to be moved back into the good spam category and release it onto the site.

With a good Comment Policy and a clear plan in your head about what kinds of comments are worth keeping or deleting, you can rest a little easier. It also means you have less work to do because the work has been done. Now you can concentrate on providing great content that will attract good comments and leave the rest of the work to the comment spam filters and your comment policy guidelines – and your clear conscience.

UDATE

It’s been many years since I wrote this, and up until two years ago, this was my policy, a three-tiered WordPress Plugin process to help cut down the amount of comment spam I’ve had to handle.

Today, I rely upon almost exclusively. It is a peer-to-peer, crowd sourcing comment spam filtering process that learns by everyone marking spam as spam, and deleting the rest that isn’t, and editing the questionable comments. Among all the blogs I manage, I get 500 to 3,000 spam comments every day and I couldn’t survive without Akismet blocking out 98% of those, leaving me with just a few spammers trying their hand at new techniques. I mark them as spam and Akismet learns.


Feed on Lorelle on WordPress Subscribe Feedburner iconVia Feedburner Subscribe by Email

Copyright Lorelle VanFossen.

4 Comments

  1. Posted May 21, 2011 at 9:05 pm | Permalink

    Excellent tips, I’ve been wondering about the most effective spam management plugins. I’m hoping that someone will re-start maintenance on the Akismet Drupal module…Mollom fails me sometimes.

    • Posted May 22, 2011 at 3:44 pm | Permalink

      Ask someone in the Drupal community to update it if you don’t have the code chops. I believe that the Akismet Drupal module has been updated but I’m not sure.

  2. Sanne
    Posted September 11, 2012 at 12:36 pm | Permalink

    I have this weird habit of sometimes being in a ‘generous’ mood and allowing one or two spammers on my blog, if it looks like they really, REALLY put in a good effort.

    … maybe I need to get out more.

    • Posted September 11, 2012 at 2:48 pm | Permalink

      LOL!

      Honestly, if they put in the effort and it makes sense to other readers, I’ll just delete the links and leave the notes. If it adds to the conversation with a little editing, why not? :D


14 Trackbacks/Pingbacks

  1. [...] As a paranoid website administrator, I am constantly on the alert for comment spam, and I’m a long time fan of Bad Behavior. The new version features a time-testing criteria that puts comment spam bots that leave their litter across mutliple blogs in a very short time OUT THE DOOR. In Bad Behavior 1.2.1, a new feature was implemented which blocked the IP address of a spammer for 48 hours. As it turns out, this is too long for some, too short for others. The new version takes a more balanced approach. [...]

  2. [...] I bring it to your attention for several reasons. First, it was caught and marked for moderation because enough of the comment spam was clever enough to look, at first, sincere. Second, it was caught because enough of the comment spam didn’t make sense and looked suspicious, and WordPress caught it. Third, it’s a new trend in targetted “smarter” comment spam, and yes, WordPress caught it. Stopped it in its tracks before it could clutter up my blog. [...]

  3. [...] A Day in the Life of a Paranoid Website Administrator [...]

  4. [...] I’ve written before about how much I adore the ease and concentrated effort the Spam Karma WordPress Plugin provides by putting a stop to comment spam on WordPress blogs. I recently wrote about how Spam Karma is fighting back against the comment spam bots form hell and ongoing efforts to compete against time-wastering comment spam promoters. Spam Karma’s developer continues to be at the forefront for protecting WordPress users from these evil doers. [...]

  5. [...] I find comment spam annoying. Remember, I’m a paranoid website administrator, so I like checking and deleting my comment spam regularly, just to keep an eye on how things are working. [...]

  6. [...] A Day in the Life of a Paranoid Website Administrator [...]

  7. [...] Two popular articles I wrote helped people understand how to maintain a blog on a daily basis. “My Daily Tasks With WordPress” gave people a quick run down of daily tasks with WordPress, and then “A Day in the Life of a Paranoid Website Administrator” helped people understand about the downside of blogging, dealing with comment spam. [...]

  8. [...] A Day in the Life of a Paranoid Website Administrator [...]

  9. [...] A Day in the Life of a Paranoid Website Administrator [...]

  10. [...] Such is the life of a potentially paranoid website administrator. Now I know how Lorelle feels [...]

  11. […] “A Day in the Life of a Paranoid Website Administrator,” I described the hard work it took to monitor and clean out comment spam, giving you some […]

  12. […] A Day in the Life of a Paranoid Website Administrator […]

  13. […] A Day in the Life of a Paranoid Website Administrator […]

  14. […] A Day in the Life of a Paranoid Website Administrator […]

Post a Comment

Follow

Get every new post delivered to your Inbox.

Join 20,112 other followers

%d bloggers like this: