For some reason, in November my two blogs were targeted by spammers worse than ever before. On my personal blog (this one, duh) spam jumped from about 2000 in October to nearly 12,500 a month later. What the hell! Here it is in lovely graphical form:
None of these spammers were able to post comments, though — they were stopped cold by the incredible (and free!) WordPress plugin Akismet. Anyway I wasn’t really paying attention to it, but my webhosting company Lunarpages (they’re awesome, by the way) alerted me to this activity because the traffic generated by this stuff was way over their threshold for “normal usage.” They gave me some tips on how to curb this bullshit, and taking their advice I installed a plugin called Wordfence which single-handedly allowed me to get a grip on the situation and start figuring out where the spam was coming from. I can see what pages they’re accessing, how many times they’ve done it, when they’re trying to post comments using a fake name, where they originate, and all sorts of other fun stuff.
Turns out that most of this spammy traffic was coming from China — no surprise there, given that China is a spammer’s best friend as well as a super cheap place to rent some servers for cranking out spambots — so I immediately began banning entire IP ranges that originated there. Not just the individual IP, but the entire network. If it originates in China and it’s a “web crawler” (not an actual person), it’s banned the moment I see it pop up on my Wordfence logs. Right into the spammer toilet you go, asshole!
The situation was much, much worse on my other site, the Nina Hagen Electronic Shrine. The spam levels had been steadily rising over the past few months, from 10,000 in July to double that in October. Then in November it exploded at nearly 40,000! Once I began banning China and some other IP ranges in Brazil, it droopped dramatically in December as you can see below.
I think I know why spambots are so attracted to that site. I have a couple of pages on there which contain my old guestbooks from ages past, and those contain email addresses. Old ones, but still…a spambot sniffs out email addresses like Toronto mayor Rob Ford sniffs out dime bags. Removing the addresses would take ages, so I tried removing the email links by putting a space on each side of the @ symbol. That way they’d be harder for the spambots to “see”, right? I think. It was worth a try, anyway. I think the IP banning is working better than anything else, though.
I actually enjoy checking in every couple of days and banning a shitload of suspicious IPs. It’s kind of therapeutic. 🙂 I just wonder if they’ll try something new at some point and come at the sites from a different angle…