Hit me, spammers

I switched from MovableType to WordPress so that I could take advantage of all the fancy new spam fighting features in WordPress – and because I was stuck on MT 2.661 and development in the MT world was passing me by. Initially I was reluctant because WP is written in PHP and I don’t know if it’s the language or the people who use the language, but PHP web sites tend to be great gaping holes with a big welcome mat for spammers, trojans, script kiddies and every other anti-social reject on the net.

So now I’m sitting here checking my SpamKarma page several times a day to see how well it’s working, but the spammers are still attempting to hit my old blog – I see the hits in my httpd logs for “GET /movabletype/custom-comments.cgi over and over again.

Sad but true – I can’t wait for the spammers to find my new blog.

Switched

I’d rather fight than switch. I’ve switched my blog over to WordPress. I’ve got the font size issue fixed. Everything is imported from the old blog. The only problem is that links to the old blog won’t work, because the naming convention of individual posts has changed. Now if only I could remember to uncheck “Uncategorized” before saving each entry.

Anyway, if you’re having any problems with the way things render, links not working, comment spam blocking requiring you to jump through too many hoops, you’re seeing comment or trackback spam, or other problems, please let me know via email to ptomblin at xcski.com

Comment and Trackback spam

I had 60 comment and trackback spams overnight. All but one of them were for the same URL. By the time I got through MT-Blacklist removing them, it had already blocked 5 more attempts to spam the same URL.

The problem isn’t keeping up with the URLs that they’re spamming – that’s never going to be completely under control, but MT-Blacklist does an ok job. The problem is the compromised PCs that the spammers are using. Last night’s spam run involved about a dozen different IPs – you can bet your life that ever single one of them is some idiot’s home PC that’s been taken over by a virus, trojan or spyware.

I can’t keep up with that list of IPs, but I bet there is a clearing house out there, and a plug-in for *some* blog software, that will. Any suggestions?