Comment Spam Again

If you’ve tried to post a comment here over the last few days, you would have been disappointed. Over the weekend I came under another massive comment spam attack which brought my server to its knees. I was seeing a server load of over 300 (it should usually be less than 1). Even though I had switched to authenticated commenters only, the sheer number of requests on the comments program was killing the server. So I took pretty drastic action and removed execute permissions from the mt-comments.cgi program. I’ve just turned it back on, but I’ll be watching closely over the next few days and will turn it off again if necessary.

I read something yesterday about this huge server load being caused by a problem with javascript files in MT3.2. But I can’t find the article I was reading now [Update: Kevin (in the comments) points out that the article in question is here]. Apparently this problem is fixed in 3.3. I’ve been considering an upgrade to 3.3 recently and having done a clean installation for a friend recently I like what I’ve seen and I’ll be aiming to upgrade this site as soon as I get back from YAPC::Europe. So hopefully the comment spam issue will get a lot better in ten days or so.

“We apologise for the inconvenience”

5 thoughts on “Comment Spam Again

  1. Mr.Rehab,

    The Perl version is not a problem. I’m running 5.8.6 on this server.

    Kevin,

    Spot on. That’s the article I meant.

    Ian,

    I’ve considered that before and I’m currently experimenting with Vox. But I do like having my own site. It gives me far more control – not to mention the income from the Google Ads :)

  2. Actually, the problem was pre-MT3.2. I think it was fixed in MT3.2, if you used default MT3.2 templates and javascript. I had never the templates and therefore was calling the comments.cgi every time a Typekey icon was displayed. Or something like that.

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>