Tag Archive: Comment Spam

Akismet and Jetpack Issues, Stop Spammers and CloudFlare Save the Day

My Web Host Penalised Me Yet Helped Speed Up My Site

Introduction

shared web hosting

This site used to be hosted on Site5, in Texas.  I had a shared web host account, about the cheapest there is on Site5 though by no means the cheapest around (I’ve had experience of really cheap hosts….).  It worked alright, site management was good.  Then, I got hit by spammers.  Twice.  Big time.

Each time, this slowed the site down, made life hell for other shared accounts, especially when I introduced WordPress plugins to counter this.

Naturally, Site5 advised me to stop the hits or they’d pull my account (they’d already temporarily disabled it).  They advised me to cut the plugins, using GoDaddy’s plugin testing tool, WordPress Plugin Performance Profiler (P3).  So I did this, and after some trial and error, got the running processes down.  Of course, I lost a bit of neat functionality.

Testing Times

Apart from internal WordPress testing, it pays to test your site as if you are someone else somewhere else.  Pingdom have a set of tools that does just this, testing from various global locations and I can recommend it.

Result!

I used an iterative approach, testing various combinations of plugins and systems, and ended up in the top 8% of sites in the world for speed!  Not bad for free is all I can say!   You’ll see in the screenshot above that 92% of websites are slower than mine….   So is it really free?  Here goes…..

Paid For:
  • Web Hosting.  Shared.
  • My domain registration.
Free:
  • WordPress and all the LAMP functionality
  • WordPress plugins
  • CloudFlare
Pingdom Says

Automattic Issues

WordPress (which this site uses) is built by the Automattic team, whose offerings have naturally expanded over time.  I’ve used their plugins for many years: Akismet, a comment spam blocking system, from the off.  Latterly, they came out with Jetpack, of which they say,

Supercharge your WordPress site with powerful features previously only available to WordPress.com users.

Jetpack is a WordPress plugin that supercharges your self-hosted WordPress site with the awesome cloud power of WordPress.com.

P3 Selected Output

This is all well and good, except when I tested it using the P3 plugin profiler, Jetpack was the biggest drag on everything!   The worst part of it, was that actually, I was only using a small part of its features and it was still the biggest suck on performance.

  • I didn’t use Carousel for photos since I had an old solution, NextGen Gallery, that I’m loath to change.
  • The comments system mucked up all other comment plugins, grabbing all for itself (a bit like Microsoft here!)
  • I used the stats, and that was about all, yet they were very slow and not that informative, actually.
  • Nearly all the other stuff I looked at, tried and ditched for similar reasons.

So much for the awesome cloud power.  On top of this, you’re now supposed to pay for parts of Automattic’s offerings, like Akismet, the comment spam blocker, while a major offering of theirs was actually slowing my site right down!

What Did I do?

Change host!

Well not initially, actually, though the heavy-handed Site5 approach got my ire a bit I must admit.  I did do loads of tests with a host of caching, anti-spam and page load improvement plugins first…

Vidahost

I now use Vidahost in the UK.  The site is faster to manage (along with my others) since the servers are in the UK with me, and it’s cheaper, providing almost the same functionality and tools as Site 5.  I took the opportunity to clean out a few dead files in the process, but essentially, all was moved, database and files.  The lot.  Just twiddled config.php and the .htaccess file a bit.

I did worry that my American visitors, who are actually in the majority, would suffer slower speed and thus I’d get hit in Google rankings, but hey, wait for later…!

I got it all working and as part of the whole “thinking” process since the very first warnings from Site 5, I’d been looking for better things.

Looking at Things Closely

  • I like Related Posts.   Related Posts plugins do just that.  I love the idea of pulling out meta-data relevant stuff from a website.  Site 5 had said, as have others on the web, that this sort of plugin makes big hits on a site.  Some of them really do!  I use  YARPP, with a limited subset of features enabled which cuts down processing.
  • I also like Andrew Ozz’s Shutter Reloaded which shows images nicely.   I also like his post editor, TinyMCE Advanced, it being the best of many I’ve tested over the years.
  • I like NextGEN Gallery having used it since before WordPress got all image fancy.  I haven’t got time to fiddle with thousands of photos now…
  • I’d like some statistics within WordPress.
  • I’m not that interested, any-more (though I was) in Social Networking sharing features.  Truth be told, if someone wants to share, they will.
  • I’ve read a lot on image improvements.  I’ve always shrunk images manually before uploading using the excellent IrfanView application.  But during this enforced research, other things like sprites and delayed image loading popped into the equation.

So I like certain plugins or functionality.  I try and use the one that works best for me.  Too many plugins make a big hit on the server and thus website loading.

Caching

A way round this is caching.  For example, if a post is created and has related posts clagged on the bottom using YARPP, then the post is cached and YARPP only runs once.  How and where the caching is done is the crux of the issue…

Site 5 suggested W3 Total Cache as a better alternative to Wp Super Cache,  which I’ve used for years.    Naturally, I’ve tested this and my conclusion was that it could be fast, and it was fast for a while, but over time on each of my sites I got issues around lock-ups and the huge and complex caching system around files, databases and sprites.  This list is long.

I’ve also tested various database query caching plugins likewise over the years.  W3 Total Cache incorporates this method too, but ultimately, it made too much work for not a lot of difference IMHO, since I’m lazy.

However, it did point me to one thing!  CloudFlare.

CloudFlare

CloudFlare Admin1

Ah.  The power of the cloud is back!

Not only that – it works!

CloudFlare Admin2

You re-direct your DNS at your domain registrar (joker.com in my case) to CloudFlare’s DNS servers, set up the site malware protection level you want – then after a few hours your whole site is cached and protected.  Best of all, it’s free for a little site like this!

In fact, using CloudFlare speeded everything up even before I got caching going again…

Further Plugin Work

Now, I went back to Wp Super Cache from Donncha and it all works fine.  Site speed good.  I then ditched Jetpack after testing it again.  It really does interfere with all comment plugins, and I really like this comment one as do people who comment here:

  • U Extended Comment

It works great and does everything I want.  So Jetpack, it’s bye bye.  Take all your fancy commenting system, your stats, your social media and fancy image handling.

But What About Comment Spam?

Stop Spammer Results2

Stop Spammer Results1

I’ve found the best solution is a plugin called Stop Spammer Registrations Plugin.  It needed a bit of fine tuning and a re-activation of Akismet to whip out a few wisps of spammer, but it works and seems to trap and report more spammers than ever Akismet did alone.  Akismet, by itself, does the commenting bit in tandem with the plugin, rather well.

Registration Spam

SABRE Results

Unfortunately, during testing, a few unwanted visitors managed to register on the website.  They can’t do real harm since I use the lowest role level at registration time.  So I re-enabled SABRE and since then, no more unwanted visitors.  I’ve tested SABRE as a visitor and the settings I’ve chosen are just about right – I’ve had issues with it previously when it blocked registration!  But reducing the feature set and re-uploading a clean plugin fixes that.

CloudFlare and the CDN Issue

I toyed around getting a CDN to host images.  But they (can) cost and anyway, I’ve gone off Amazon and others because of their anti-Wikileaks actions plus they don’t pay UK tax…

Delayed Image Loading

However, in the course of my reading, I found that images can be loaded just as the page comes into view, which speeds up page loading, and as a consequence the perceived nippiness of a site.  The plugin BJ Lazy Load does this for me and works brilliantly.  Check this last post about Australia which has a lot of medium sized images to see them pop into view!

Delayed Javascript Loading

I use two plugins that handle this end of the issue around JavaScript.

Statistics

WP SlimStat1

Well, Jetpack is gone.  I won’t be using it unless some serious improvements are made, it being the prime reason for the server load that brought me to this position in  the first place.  As soon as I disabled it (and simultaneously blocked all comments to the site, which isn’t the best thing, this being a blog after all), all server loads went away.

I now use SlimStat and it works very well.  I’ve tried many over time, including Google’s analysis tools, my webhost’s stats tools, Wassup and more, but for now, this is it.

Conclusion

My site works pretty fast and is pretty protected from the bad guys.  I actually still use more plugins than what is usually recommended – 50 is a huge lot according to web gurus and sages.  Currently there are 31 in active operation with 8 inactivated.  I love trying new ones, it’s like that, that’s just the way it is.

The delayed image loading is particularly apparent on a post with a lot of images, say this recent one.  The post loads fast and you see the first images load, and as you scroll down you’ll see other images appear with a slight delay.

All the other stuff is incremental improvement, with the biggest, by far, being the free CloudFlare service which I cannot recommend highly enough.  It’s a no-brainer, go and do it?

My Full List?

These are the plugins currently running that help my site work.  Many are for security, which demonstrates the state of play versus the bad internet guys full well.

How WordPress Spam Works

WordPress Comment Spam

The plague of all blogs is spam, mainly comment spam, by sheer numerical superiority.

Q.  Why Do They Do It?

A. As a minimum, they do it to open a back-door into your blog that allows the perpetrator to place reverse linkages to another website to increase that website’s visibility in search engine results (so called “Search Engine Optimisation” – SEO ).  This back-linkage they use to increase website search hits, which they can charge an ignorant website beginner big money for.

At the worst, the culprit would gain full access to the blog allowing free posting and deletions or even the complete removal of your website content.

Today’s Example

Today, I got a comment that made me check further as notionally, it looked okay-ish. These are the details (click image for full-size view of the comment as it appears in the WordPress admin section):

Comment Spam Example

The Jacksonville lawyer is in Florida and has this website; http://www.divorceyes.com/index.html, and the actual comment is pretty kosher, although brief, saying;

Strangely you have made an awesome post and i appreciate your work and keep it up. Thanks for sharing this with us.

This is all very nice, but check out the IP address….

WHOIS 113.203.135.140

By checking the WHOIS for this, we see that the IP Address for this supposedly reputable Florida lawyer (Divorce Yes) is in Karachi, Pakistan!  Well are they?  My guess, given the cheap web costs in the USA, is that Divorce Yes is in the US and that they wouldn’t for an instant even consider anywhere else!

And so it is!  The actual WHOIS for Divorce Yes is in Florida!  (The actual WHOIS for the web-hosting, fortehosting.com is in Illinois).  The registrant’s name (Miller) also agrees with the Divorce Yes’s contact details here, but note; the email address in the comment, [email protected], is not the same as the email address on the contact page, which is [email protected]

Registrant:
jeff miller
1019 grand court
highland beach, Florida 33487
United States

Registered through: GoDaddy.com, Inc. (https://uk.godaddy.com/)
Domain Name: DIVORCEYES.COM
Created on: 07-Jun-05
Expires on: 07-Jun-16
Last Updated on: 17-Feb-07

Administrative Contact:
miller, jeff [email protected]
1019 grand court
highland beach, Florida 33487
United States
(561) 445-6962 Fax — (561) 347-7588

Technical Contact:
miller, jeff [email protected]
1019 grand court
highland beach, Florida 33487
United States
(561) 445-6962 Fax — (561) 347-7588

Domain servers in listed order:
NS1.FORTEHOSTING.COM
NS2.FORTEHOSTING.COM

Conclusion

There isn’t a conclusion really.  This is just an example of the way that text harvesting is being used to make seemingly intelligent comments slip past the comment filters on a WordPress blog.

As many of these filters rely on an IP address, if the webmaster lets a dodgy IP address through just once then it’ll be marked as “good” by the filters which will then allow the spammer to post even more comments, all for the various nefarious reasons that I mentioned first.

This is why I use a plugin like WP-SpamFree, and using it I can block all incoming pings from a given IP address, in this case, 113.203.135.140!

For interest, I’ve edited out the back-link from the spam comment above and you can find it on this post, Pacific Webworks, Lawyers and Social Networking, here.

Alternative Conclusion

This isn’t a conclusion either, but my examination of alternative possibilities.  Note the following:

  • The Divorce Yes website is made and SEO’d by http://enettechnologies.com/.
  • WordPress is used on the website.
  • Many WordPress plugins exist to “improve” the SEO of a website.  (I use some!)
    • Some do it by ensuring meta and other data is added if it’s missing.
    • Others have sprung up over the last few years that “intelligently” link to other websites….  they harvest websites for text and linkages for later use, much like email spammers scan websites for email addresses to spam.  [n.b.  I use PHPEnkoder from Michael Greenberg to hide email addresses on this site from email address harvesters.]

It could be, although I cannot prove or disprove it, that plugins are being used for much of the hits I get, because some of the spam I receive is now pretty readable, as with the one above.  This comment could be such an example, or the law website name is being used textually as a smokescreen for the Pakistani spammer.  I see lots of adverts along these lines that couldn’t possibly rely on manual human link placements for their effectiveness….

I’d be interested to hear from Miller Law or their website designer on this one.  It’s not the first time that I’ve had reputable businesses appear on my website like this and I’d like to know what it appears like at their end, if at all.  It does make me wonder if this very website is being used to cloak spam at other websites in the same manner.

This is why I’ve left all URL back-links to the parties in place so that they’ll see them in their logs.

WordPress Upgrade leads to New Comment Spam Deluge

Strangely post on December 3rd, 2010
Posted in Internet

Weird Comment Spam

I don’t know if it’s linked, or not, but since the WP upgrade a few days ago I’ve had an extra type of comment spam fall into my spam filters.

Thankfully the spam filters worked, but still filled up the “spam comment” area for further perusal.

Maybe it’s a plugin?  Whatever.

Dodgy Domains and IP Addresses

If you see a domain like this in your WordPress inbox;

hkridklflsdfkfgjsdfgfdfg.com

Then it’s spam!! (pretty obviously).  Below is a sample from the comments moderation area:

You’ll see that several IP addresses appear, even under the same “random keyboard domain”.

A variety of email addresses are also there, mostly gmail ones.  Are they real?   A.  I don’t know or care actually, and I certainly haven’t the time to check up on them!

Anyway.  Watch out!  The ongoing battle between good and bad coders continues – WordPress comment spam is only part of it.

Weird URL

Another portion of my spam list contained a backlink URL to:

http://parapanta.net/paragliding/%EF%BD%90%EF%BD%81%EF%BD%92%EF%BD%81%EF%BD%87%EF%BD%8C%EF%BD%89%EF%BD%84%EF%BD%85%EF%BD%92-%EF%BD%94%EF%BD%85%EF%BD%93%EF%BD%94-%EF%BD%8D%EF%BD%8F%EF%BD%96%EF%BD%89%EF

If you follow this through, it takes you to this DABLU WordPress Themes website shown here on the left as a screendump, but with the same paragliding URL on a 404 page there.

The URL “http://www.parapanta.net/paragliding/” actually works and if you go to the domain root you’ll find that it’s a hidden Romanian WHOIS.

The whole thing is weird, and I suspect, part of a wider form of bad-web manipulation.  Whether the domain owner or hosts know anything about it, I don’t know.

Perhaps the backlink I’ve provided will in time force them to check its source?  Watch this space.
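
A rough way to automate the three tell-tales from this post (a "random keyboard" domain, one domain arriving from several IP addresses, and a backlink whose path hides percent-encoded fullwidth letters), as an added example that is not part of the original post or of any plugin it mentions. The queue rows, field names, thresholds and the example.net / example.org hosts are constructed for illustration; the gibberish domain is the one quoted above.

```python
import re
import unicodedata
from collections import defaultdict
from urllib.parse import unquote, urlsplit

def registrable(host):
    """Crude registrable domain: last two labels (assumption: no public-suffix list)."""
    return ".".join(host.lower().rstrip(".").split(".")[-2:])

def looks_keyboard_mashed(host):
    """Long label that is nearly vowel-free or contains a long consonant run."""
    label = registrable(host).split(".")[0]
    letters = [c for c in label if c.isalpha()]
    if len(letters) < 12:          # short names are too noisy to judge
        return False
    vowel_ratio = sum(c in "aeiou" for c in letters) / len(letters)
    runs = re.findall(r"[^aeiou\W\d_]+", label)   # runs of consonant letters
    return vowel_ratio < 0.2 or max(map(len, runs), default=0) >= 6

def hides_fullwidth(url):
    """True if the decoded path changes under NFKC folding (fullwidth letters do)."""
    path = unquote(urlsplit(url).path)   # a truncated escape decodes to U+FFFD
    return unicodedata.normalize("NFKC", path) != path

def triage(queue, many_ips=3):
    """Return {comment id: [reasons]} for comments worth a closer look."""
    ips_by_domain = defaultdict(set)
    for c in queue:
        host = urlsplit(c["url"]).hostname or ""
        if host:
            ips_by_domain[registrable(host)].add(c["ip"])
    flagged = {}
    for c in queue:
        host = urlsplit(c["url"]).hostname or ""
        reasons = []
        if looks_keyboard_mashed(host):
            reasons.append("gibberish-domain")
        if hides_fullwidth(c["url"]):
            reasons.append("fullwidth-in-url")
        if host and len(ips_by_domain[registrable(host)]) >= many_ips:
            reasons.append("domain-from-many-ips")
        if reasons:
            flagged[c["id"]] = reasons
    return flagged

# Constructed moderation-queue rows; IPs are from the documentation ranges.
QUEUE = [
    {"id": 1, "ip": "192.0.2.10",   "url": "http://hkridklflsdfkfgjsdfgfdfg.com/"},
    {"id": 2, "ip": "198.51.100.7", "url": "http://hkridklflsdfkfgjsdfgfdfg.com/"},
    {"id": 3, "ip": "203.0.113.99", "url": "http://hkridklflsdfkfgjsdfgfdfg.com/page"},
    {"id": 4, "ip": "192.0.2.44",
     "url": "http://blog.example.net/paragliding/%EF%BD%90%EF%BD%81%EF%BD%92%EF%BD%81"},
    {"id": 5, "ip": "192.0.2.45",   "url": "http://www.example.org/about"},
    {"id": 6, "ip": "192.0.2.46",   "url": ""},
]

if __name__ == "__main__":
    for comment_id, reasons in triage(QUEUE).items():
        print(comment_id, ", ".join(reasons))
```

These are moderation hints only: a legitimate site with a long, consonant-heavy name or a non-Latin URL can trip them, so they belong in front of a human rather than in place of one.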

Comment Spam Revisited

For no reason

Comment spam in WordPress

…other than a try-out and also the current anti-spam plugins miss the odd bit of comment spam, I’ve now switched off TanTanNoodles’ Spam filter and am giving WP-SpamFree another try plus another plugin, AVH.  I’ve left Akismet running regardless.

WP-SpamFree

This now promises a lot, so it’s worth another shot.  Two years ago when I tried it, it had interactions with various other plugins, so I dropped it.  Since that time, the whole WordPress code has improved tremendously, as anyone who now uses it will know.

AVH First Defense Against Spam

Mailwasher Pro

This is a new one for me.  It uses the external databases of known spammers and their IP addresses as a blocking filter.  This is similar to anti-spam email programs like Mailwasher Pro that I use, so it seems to be “a good thing”.  This feature is optional, but it’s the most attractive part, IMHO.

It uses either or both of these two services for which an API key is needed. The key is free in each case.

Now it’s a case of “wait and see”.

I’ve Been Comment Spammed by Kevin Hoeffer!

Yup!  It’s true.

Apparently, the only way that PWW et al can now make any headway is by asking inane questions on the very websites that are trying to close them down!!!

Comment Spam from Kevin Hoeffer

This is the content of a comment added to an old post I made on this website about the late, great and psychotic murderer, Joe Meek.  Look, laugh and learn!  I’ve copied it verbatim as any WordPress using webmaster would have seen it.  Just bask in those spelling mistakes and the deep, deep irony of the comment content!

A new comment on the post #292 “Joe Meek, Captain Beefheart, can’t play music, can’t read music, so what!” is waiting for your approval http://strangelyperfect.tv/292/joe-meek-captain-beefheart-cant-play-music-cant-read-musicso-what/

Author : Philip (IP: 75.14.204.63 , adsl-75-14-204-63.dsl.renocs.sbcglobal.net)

E-mail : [email protected]

URL :

Whois : http://ws.arin.net/cgi-bin/whois.pl?queryinput=75.14.204.63

Comment:

I am trying to find out more about Google and making money online. Of you can direct me to the right site, I would sure appreciate it. Thanks

Approve it: http://strangelyperfect.tv/wp-login.php?redirect_to=http%3A%2F%2Fstrangelyperfect.tv%2Fwp-admin%2Fcomment.php%3Faction%3Dmac%26c%3D2066&reauth=1

Delete it: http://strangelyperfect.tv/wp-login.php?redirect_to=http%3A%2F%2Fstrangelyperfect.tv%2Fwp-admin%2Fcomment.php%3Faction%3Dcdc%26c%3D2066&reauth=1

Spam it: http://strangelyperfect.tv/wp-login.php?redirect_to=http%3A%2F%2Fstrangelyperfect.tv%2Fwp-admin%2Fcomment.php%3Faction%3Dcdc%26dt%3Dspam%26c%3D2066&reauth=1

Currently 1 comment is waiting for approval. Please visit the moderation panel:

http://strangelyperfect.tv/wp-login.php?redirect_to=http%3A%2F%2Fstrangelyperfect.tv%2Fwp-admin%2Fedit-comments.php%3Fcomment_status%3Dmoderated&reauth=1

As you can see, “Kevin” (let’s call him that, but we all know by now that this is all a complete charade, don’t we?  Well I hope we do!) has left his URL in the required field.  This is standard WordPress stuff to increase everyone’s SEO status.  So let’s visit it, shall we?  Let’s see if Kevin really does find it hard to find information about Google and Making Money Online!

Kevin Hoeffer - My Work At Home Failures and Success

Well bugger me!  It’s a different Kevin to the last one!  And guess what, he’s trying to sell me information on how to make money online using Google!

Shurely shome misstake?  (and don’t call me Shirley)

Kevin’s dismal audio is a bit different to the previous incarnation back in April when I posted about Google Treasure Chest.  There are no jokey references to (drum roll) pipe manufacturing companies this time, no siree!

This time, Kevin actually claims that he’s been scammed for $2000!  He then goes on to say that the only legitimate way to make money that he’s found is with “Google Easy Cash Kit”

The link for this “opportunity” is:

http://www.cuttingedgeoffers.com/z/13477/CD8234/

For the UK, the offer isn’t available to us, so we are helpfully redirected to another money making scheme:

http://www.onlineprofitsnow.com/ICS/info16.aspx?cpgn=6982&scpgn=0&vid=94198&aid=5704-

For the USA, the site was down when I looked, but you are sent to:

…which is also non-functional!

Concluding Observations

Kevin’s is much like all the others we are sick of seeing.  The T&Cs are getting less and less informative, and smaller in size.  There are no contacts and it follows all the usual patterns of $1.90-ish shipping costs, the “as seen on” banners, the “comments are closed due to spam” bit, the chequebook artwork, the huge cheques from Google artworks, the happy, smiley family.

You name it.  It’s all there.

What is weird is that they’ve bothered trying to comment spam me!  I mean…. ME!  Are they stupid?  I can’t wait until they do Paul at WorkAtHomeTruth.com!  Now that will be fun!

I think I’ll leave the annoying comment in the post – just to pad it out, you understand?  No URLs though, ha ha!

© 2007-2017 Strangely Perfect All Rights Reserved -- Copyright notice by me