Comment Spam Again

If you’ve tried to post a comment here over the last few days, you would have been disappointed. Over the weekend I came under another massive comment spam attack which brought my server to its knees. I was seeing a server load of over 300 (it should usually be less than 1). Even though I had switched to authenticated commenters only, the sheer number of requests on the comments program was killing the server. So I took pretty drastic action and removed execute permissions from the mt-comments.cgi program. I’ve just turned it back on, but I’ll be watching closely over the next few days and will turn it off again if necessary.

I read something yesterday about this huge server load being caused by a problem with javascript files in MT3.2. But I can’t find the article I was reading now [Update: Kevin (in the comments) points out that the article in question is here]. Apparently this problem is fixed in 3.3. I’ve been considering an upgrade to 3.3 recently and having done a clean installation for a friend recently I like what I’ve seen and I’ll be aiming to upgrade this site as soon as I get back from YAPC::Europe. So hopefully the comment spam issue will get a lot better in ten days or so.

“We apologise for the inconvenience”

5 comments

  1. Mr.Rehab,

    The Perl version is not a problem. I’m running 5.8.6 on this server.

    Kevin,

    Spot on. That’s the article I meant.

    Ian,

    I’ve considered that before and I’m currently experimenting with Vox. But I do like having my own site. It gives me far more control – not to mention the income from the Google Ads :)

  2. Actually, the problem was pre-MT3.2. I think it was fixed in MT3.2, if you used default MT3.2 templates and javascript. I had never the templates and therefore was calling the comments.cgi every time a Typekey icon was displayed. Or something like that.

Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.