I tried something interesting to see what would result.  For one day, I turned off the Simple Spam Filter plugin, written by the most excellent Tan Tan Noodles coder, Joe Tan.  I wanted to see how much SPAM it was actually prefiltering.  Now, my site gets pretty low traffic, as far as sites go.  Depending on the stats program I use, either 160ish or 700ish visitors came to see me per day on the highest traffic months.  My total bandwidth usage has grown to about 3.5GB per month (thanks in part to the low number of videos and pictures that I host).

After entering some new keywords into the “banned words” list, I stopped having to moderate any comments at all through the Akismet moderation panel.  Anybody who has commented has probably been stopped by SSF and asked if they are indeed human at least once, as there are some pretty common words that show up in spammers’ comments as well as normal ones done by humans that care to engage in a REAL conversation.  I hope that you’ve enjoyed my attempt at humorously presenting the verification button to you.

What I was worried about was that legitimate commenters weren’t getting their point across, as no spam to moderate is a bit strange.  Hopefully all you real, live commenters realize by now that you just have to click the button to have your comment appear without any further moderation.

So, what was the result? Of the comments that came through that Akismet hasn’t learned yet and auto-deleted, I got 48 comments in my spam moderation queue.  There were no false positives.  I turned SSF back on and the spam comments stopped getting through.  Thank you, TanTan Noodles!

Well, I found a directory on my WordPress install that I didn’t install the contents of.  My wp-content/uploads/ folder had a directory /2007/12 in it, which, in itself, wouldn’t be much to raise concern, but it wasn’t “owned” by me.  My web host confirmed that all files should be owned by me.  I couldn’t delete the folder, it seems.  I sure wanted to, because it contained 100s of HTML pages that were all redirects to scummy splogger sites.  So, I guess that I got hacked.  Folks, upgrade your WordPress as soon as you’re advised of a security release.

When I changed my cPanel password, some weirdness occurred.  If you were browsing my site this afternoon, you might have caught the moment where there was no database connection.  You see, when you change your cPanel password, it changes your mail, FTP, and MySQL passwords as well.  It took a minute for the system to all get working again.  When I was checking the mail to ensure that it still worked, I noticed that I had almost 8,000 emails sitting in my default mail account.  I’ve not actually configured an email account, as I use Google’s Gmail redirect service, where I can forward mails received by corey@ to my Gmail email and send as corey@.  Why not use their spam filtering, rather than manage my own?  So, these were the emails that were being sent to any whatever @coreythompson dot com since October.  I am sure that all of it was SPAM, so I set up SquirrelMail to show 1000 mails per page and used “toggle all” and sent them to my trash folder and then purged the folder.  I then set up my mail settings to bounce all email to addresses without forwarding with a “no such recipient” message.  Hopefully, this will keep the unwanted emails off my server.

What a sucky happenstance.
