WordPress & Spam: Key’s Solution

Recently I began to see an increase in malicious login attempts to my servers from bots (ie. automated attempts to login via FTP, POP/IMAP, SSH and so on) which gave me an idea for a new side-project on NerdTools known as the Bad Bots Intrusion & Spam Detection database.

After a few hours of developing a database was generating before my eyes of all the bad bots and their failed attempts, which then got me thinking, aside from using the database with a firewall can this be intergrated with WordPress to stop spam before its even posted?

A few more hours developing and I have now created two plugins which are listed in the WordPress extension directory. One is called NerdTools Bad Bots Spam Reporter which cleverly and annonymously reports the IP address of an author whenever a comment is classed as spam, and the other is called NerdTools Bad Bots Spam Defender which again annonymously screens every authors IP address against the database and if a match is found it won’t allow the comment to be saved.

Going a little deeper into the reporting plugin; when a comment is classed as spam the authors IP address is reported to the database but it won’t be entered straight away, our system will wait and see if any patterns form, if so it will then be entered and further comments will not be allowed.

It may seem madness having two seperate plugins to work as one but I didn’t want to force people into reporting comments if they don’t want to and vice versa with the defending plugin.

In terms of infrastructure the database is hosted on a high performance SSD server which has memcache enabled. Future plans include clustered servers for even greater performance.

Not bad for a few hours work!