I have turned off all commenting on this blog till I can come up with an acceptable method to prevent spammers from DoSing the mysql server. On average yesterday, the server received ~10,000 comment spam post requests and thus the scattered downtime for the server. I need to prevent a database query for every comment request, somehow. Please email me if you have some ideas or already have something in place.
Be back with comments soon. Sorry for the inconvenience.
PS: I am not really looking for a spam filter (of which I have enough). I need something that would intercept spam comments before the commenting process starts and accesses the database.
[EDIT] Back on again, please report any problems.
Suggestions that I have found useful include:
Apache mod_security, Spam Valve, Bad behavior, WP Hashcash and Referer Bouncer
I have already implemented a couple of these and am in the process of rewriting a couple more to suit my needs. The first three are very promising. Bad Behavio(u)r has some clever code and when used without the logging feature, is very swift. I might tweak the code a bit to make it even more transparent and engage it *before* the WordPress process using Addhandler. Using JS verification is an option that I would consider but would rather stay away from.