Spam Magnet I monitor search engine hits for my various blogs and over the past couple of weeks, the predominant magnet for search hits on new blogs and consequently comment spam (attempts, thanks to Akismet) has been the results from the search linked above. It is strange to watch an IP visit a blog on my server from that search result and instantly access wp-comments-post.php. If you recently started a WordPress blog or are planning to start a new one, I believe that you can reduce some of the deluge by removing the default post that says “This is your first post. Edit or delete it, then start blogging!”.
Mark, very interesting discovery! Lets move the honey pot.
Mark, very interesting discovery! Could move the honey pot and consider giving additional weight to the spammy rating of the existing pot.
Good to know, what’s funny is that these new blogs won’t have any juice to pass along… but I guess spammers want anything they can get.
I noticed this a while ago (Assumed it was a known thing) and deleted/changed it when I noticed it). I find also that once they are stuck on a post, the same bot will continue to try and spam it. That’s where the extended Akismet plugin with teh ability to add to .htaccess and ban by IP comes in handy.
If the blog user follows the directions given right in that very post and edited or deleted it, they wouldn’t be getting spam through this method.
I’m using a tool called Bot-Trap against those bad guys and bots that access the wp-comments.php directly. They will just get a 403. The result is that there are almost no more spam comments 😉
I’ve noticed other trends as well with spammers… When I had posts about WordPress or Blogger on my site, I got tons 600+ spam comments. Thank God for Akismet though. I never had to deal with any of em…
“Results 1 – 10 of about 365,000” That’s ridiculous. Thanks for the find.
@j4p4n: Sorry, but your math may also “block” normal people away from your whole webpage. I use an anonymizer here so I’m not a spambot. And I – surely – block cookies. And what about Google&Co? will they also get blocked? I’m posting here because I was not able to post on your blog, because of this math. 🙁 I use Spider-Trap here which is – in my oppinion – better that bot-trap.