WordPress had to proudly tell me that I had 47 hourly views according to their stats. Remember the post on how bad WordPress Stats are? According to Statcounter, it was 118 views in 16 minutes. You do understand what that means, right? It’s either one hell of a stupid spam bot or a stupid hacker. What having my blog here did was take a load off my server that I pay good hard cash for and let WordPress.com deal with it on their servers. What’s really amazing is their server didn’t recognize what was going on. There are no protections in place.
Now there are a couple of big clues here. First, it, aka 184.108.40.206 [IP address] AS23674 Nayatel (Pvt) Ltd, hammered my older posts. Repeatedly. It also hammered posts that never had comments, trying to find them. It was trying to leave comment spam. Sadly, it wouldn’t have worked anyway, but it saved me discarding 118 spam comments. Every comment is held for moderation. Even if it had managed, you would have never seen it, but cleaning it up would have been a PIA. It also didn’t realize that comments older than 2 weeks [14 days] are locked. It can’t comment. You can’t comment. They are done deals. As I said, it really hammered those. It’s a trend in bots to go for the older blog posts. Couldn’t do a damn thing even if it had managed to leave a post.
It also had to be registered and logged in to comment [along with you filling in your name and email]. I’m betting it didn’t have a fake login because Akismet didn’t pick up any spam at all. I think it probably tried a simple posting. It’s really a badly programmed bot. There are much better ones out there. What fooled it was the link off my site at 1standingstone.com to my blog. It followed the blog link and I’m betting it saw the blog as part of the site and tried to hack it or post comments like a normal WordPress.org blog, not realizing we were on WordPress.com. The settings would have been the same no matter which one I had the blog on but frankly, I would rather the idiot bot hammer this server than my server. It eats up bandwidth. I’m not paying for bandwidth here.
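The pattern described above (one address, over a hundred views in 16 minutes, almost all against posts whose comments are already locked) is something you can check for in an access log yourself. The script below is an added example, not code from this blog or from WordPress; the log layout, the date-based permalink format, the thresholds and the sample addresses are all assumptions made for illustration.

```python
import re
from datetime import datetime, timedelta

# Assumed (not from the post): common-log lines, /YYYY/MM/DD/slug/ permalinks.
LINE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "(?:GET|POST) (\S+)')
POST = re.compile(r'^/(\d{4})/(\d{2})/(\d{2})/')
TS = "%d/%b/%Y:%H:%M:%S %z"

def flag_hammering(lines, window=timedelta(minutes=16), min_hits=100,
                   lock_days=14, old_share=0.8):
    """Map IP -> (hits, share on locked posts) for its largest qualifying burst."""
    per_ip = {}
    for m in filter(None, map(LINE.match, lines)):  # unparsable lines are skipped
        ip, ts, path = m.groups()
        try:
            when = datetime.strptime(ts, TS)
        except ValueError:
            continue  # malformed timestamp
        p, old = POST.match(path), False
        if p:
            try:
                posted = datetime(*map(int, p.groups()), tzinfo=when.tzinfo)
                old = (when - posted).days > lock_days  # comments already locked
            except ValueError:
                pass  # date-shaped path that is not a real date
        per_ip.setdefault(ip, []).append((when, old))
    flagged = {}
    for ip, hits in per_ip.items():
        hits.sort()
        start = old_in = 0
        for end, (when, old) in enumerate(hits):
            old_in += old
            while when - hits[start][0] > window:  # slide the window forward
                old_in -= hits[start][1]
                start += 1
            n = end - start + 1
            if n >= min_hits and old_in / n >= old_share and n > flagged.get(ip, (0,))[0]:
                flagged[ip] = (n, round(old_in / n, 2))
    return flagged

def sample_log():
    """Constructed data: one client hammering 2009 posts, one normal reader."""
    t0 = datetime.strptime("03/May/2011:10:00:00 +0000", TS)
    row = '{} - - [{}] "GET {} HTTP/1.1" 200 512'
    at = lambda s: (t0 + timedelta(seconds=s)).strftime(TS)
    bot = [row.format("203.0.113.7", at(8 * i), f"/2009/0{i % 9 + 1}/15/old/") for i in range(118)]
    reader = [row.format("198.51.100.20", at(300 * i), "/2011/05/01/new/") for i in range(3)]
    return bot + reader

if __name__ == "__main__":
    print(flag_hammering(sample_log()))
```

An address that comes back flagged is a candidate for a reputation lookup and a block, not proof on its own; tune `min_hits` and `old_share` to your own traffic.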
The twit won’t be back if it tries to come through 1standingstone.com because I blocked the entire IP range. I don’t sell books to Pakistan so they don’t need to access my book site. I checked it through Project Honey Pot: “The Project Honey Pot system has detected behavior from the IP address consistent with that of a mail server. Below we’ve reported some other data associated with this IP. This interrelated data helps map spammers’ networks and aids in law enforcement efforts.” It’s been quiet for quite a while but it’s back up in full force.
While you don’t have to worry about a lot of things a person who hosts on their own server does, it pays to pay attention and be protective and proactive on your comments. You may not have a lot of the tools here I have on 1standingstone but you still have ways to protect yourself outside of Akismet.
These should help: How to Identify and Control Blog Comment Spam
And this will give you an idea of what I can do on WordPress.org’s version of this: Vital Tips and Tools
Oh, and Project Honey Pot is your friend. If you can get the IP, it will tell you very quickly if it is a real person or a badly programmed bot.