Handling Spam II: Revenge of the Spam

Annika Backstrom
in Meta, on 14 December 2006

The spam around here has been getting worse. My blog has always been a target, but performance on the virtual server has been taking an extreme hit lately. Services slow to a crawl, the machine crashes, processes segfault from (I assume) total lack of available memory. I lose SSH access and send off a template e-mail to my host asking for a server reboot. My Gmail sent box is full of these e-mails.

I thought the culprit was the mail system, the available resources spread too thin to spam check and bounce so many messages every minute. After some experimentation, I found that killing mysqld dropped my load average to normal levels. That dropped the blame squarely on the shoulders of the web server, as the only process that uses the database regularly.

A quick check of the last thousand lines of access_log covers 18 minutes of requests. A cool 925 of these requests were POSTs to wp-comments-post.php. Amazing that so many people could directly comment on my blog without first reading the post itself.
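The access_log check described above, written out as an added example (not the author's own commands): it counts POSTs to wp-comments-post.php, the time window covered, and POSTs from hosts that never fetched a page first. The Apache combined log format and the sample lines are assumptions, constructed for illustration.

```python
import re
from collections import defaultdict
from datetime import datetime

# Assumed format: Apache common/combined log.
# host ident user [time] "METHOD path proto" status ...
LINE_RE = re.compile(
    r'^(?P<host>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+)[^"]*" (?P<status>\d{3})'
)
COMMENT_ENDPOINT = "/wp-comments-post.php"

# Constructed sample lines using documentation-range addresses.
SAMPLE_LOG = """\
203.0.113.7 - - [14/Dec/2006:10:00:01 -0500] "GET /2006/12/some-post/ HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
203.0.113.7 - - [14/Dec/2006:10:01:30 -0500] "POST /wp-comments-post.php HTTP/1.1" 302 0 "http://example.org/2006/12/some-post/" "Mozilla/5.0"
198.51.100.9 - - [14/Dec/2006:10:02:00 -0500] "POST /wp-comments-post.php HTTP/1.0" 302 0 "-" "-"
198.51.100.9 - - [14/Dec/2006:10:02:01 -0500] "POST /wp-comments-post.php HTTP/1.0" 302 0 "-" "-"
192.0.2.44 - - [14/Dec/2006:10:05:10 -0500] "POST /wp-comments-post.php HTTP/1.0" 302 0 "-" "-"
this line is malformed and must be skipped
203.0.113.7 - - [14/Dec/2006:10:18:00 -0500] "GET /feed/ HTTP/1.1" 200 2048 "-" "Mozilla/5.0"
"""

def summarize(lines):
    """Count comment POSTs, the window covered, and POSTs from hosts with no earlier GET."""
    seen_get = set()               # hosts that fetched some page before posting
    blind_posts = defaultdict(int) # host -> comment POSTs made without a prior GET
    total = posts = 0
    first = last = None
    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            continue  # skip truncated or malformed entries
        total += 1
        ts = datetime.strptime(m["ts"], "%d/%b/%Y:%H:%M:%S %z")
        first = ts if first is None else min(first, ts)
        last = ts if last is None else max(last, ts)
        path = m["path"].split("?", 1)[0]
        if m["method"] == "GET" and path != COMMENT_ENDPOINT:
            seen_get.add(m["host"])
        elif m["method"] == "POST" and path == COMMENT_ENDPOINT:
            posts += 1
            if m["host"] not in seen_get:
                blind_posts[m["host"]] += 1
    minutes = (last - first).total_seconds() / 60 if first else 0.0
    return {"requests": total, "comment_posts": posts,
            "window_minutes": minutes, "blind_posts": dict(blind_posts)}

if __name__ == "__main__":
    print(summarize(SAMPLE_LOG.splitlines()))
```

A client that read the post before the sampled window began will also show up as a blind poster, so the per-host counts are a heuristic for triage rather than proof of automation.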

Commenting on my blog now requires users to answer a simple question. The answer will determine if the comment is posted, or if the comment dies before ever accessing the database or spawning another file read.

May future battles be more meaningful.