Facebook Pixel
Join our Facebook Community

Comment Spam – Is Akismet OK?

Is anyone else using the Akismet comment spam filter getting hit big time by spam today?

I’m not sure if it’s down, whether someone’s found a way past it or whether I’m just getting a massive attack and the normal small % of spam is getting through – but for the last couple of hours I’ve had so much comment spam that I’m deleting it as fast as it’s coming in!

This happened last week for a few hours one day also.

Looking at the numbers of what Akismet is stopping it does seem to be working to some degree (as the total number is going up) but it’s definitely not getting everything today.

Very odd.

PS: Looking at their graph tracking spam it seems that the last 24 hours or so have seen a massive spike in spam attacks.

update: The spam attack has continued. It’s been 6 hours now with it coming in as fast as 2 to 3 comments per second (thats just what Akismet isn’t stopping – add to that what it is stopping and it’s a massive attack).

I’ve noticed that this often happens on weekends – I guess spammers know its a time that bloggers are online and less likely to be dealing with it.

I’ve also been watching the Akismet graph and even though there is still 14 hours left in the day the amount of spam it’s reporting is almost as high as yesterday and yesterday was the second highest recorded day of comment spam in the time since they started tracking it. Looks like today will be a new record.

I have enabled the option in WP to make sure that you have to have had a comment approved previously for your comment to escape moderation. This means none of the spam is actually going up live on the blog which is something at least. It does mean however that I have a massive list of comments to moderate (legit ones and spam). Apologies to first time commenters whose comments are all being put in the queue.

If this doesn’t stop before I go to bed in a couple of hours I might need to disable comments overnight tonight as I don’t really feel like facing 500-1000 comment spams when I wake up tomorrow! Apologies in advance if I do disable them – it’ll be temporary.

About Darren Rowse
Darren Rowse is the founder and editor of ProBlogger Blog Tips and Digital Photography School. Learn more about him here and connect with him on Twitter, Facebook and LinkedIn.
  1. I just got a crazy amount of spam for the last hour at one my blogs.

  2. No problem with spam getting by Akismet on my 5 wp-powered sites. However, my sites do not get near the same amount of traffic as your sites.

  3. Darren, thanks for covering this – I’ve been noticing a spike in spam too over the past few hours and Akismet is not catching the stuff that is normally sends straight to the trash bin.

  4. And this is why I keep telling people to use defense in depth: Akismet combined with a front-door screener such as Bad Behavior. I’ve noticed pretty much nothing on Bad Behavior-protected sites.

    I understand Aaron is testing it out and it might come to b5media sites soon.

  5. You could try checking “Comment author must have a previously approved comment” and then nothing will go live unless you approve it, even if it gets past the filter.

    Isn’t Xavier handling these kinds of tasks yet? :)

  6. Jon – Xavier’s now ghost writing most of my posts here at ProBlogger – he got bored with comment moderation :-)

  7. I think it’s just because you are so darned loved Darren! :)
    No spam has passed my way of late!

  8. Hey D-

    I found that using the tor black list reduced my comment spam by 99%


    Most spammers are using the tor proxys

  9. Nope, nothing new here.

  10. ShoeMoney – how do I use that list?

  11. Nothing’s getting through on mine either. Akismet is still going strong.

  12. I use only Akismet (not a high traffic site really) and wasn’t hit by anything and it was actually a low spam day overall for me. Then again my site was down for 3 hrs or so and judging by the comment times possibly around the same time you reported this (unless the comment times are set to a different time zone then I’m currently in). I also have the “comment author must have approved comment” as a first line of simple defense as well.

  13. Sorry for the quick double comment but looking at the time stamp of my first post we are in the different time zone situation. No problem here with spam sneaking through Akismet.

  14. […] Askismet, the non-free spam protection also seems to be popular. Though it seems Darren from Problogger is having some issues .. maybe B5media should switch to Spam Karma 2? Like this post? Subscribe for more juicy content! […]

  15. By the looks of it Darren, Shoemoney’s blacklist is meant for your .htaccess file.

  16. I think that the blacklist is already built into Akismet. Don’t know for sure but that is such an obvious way to catch spammers that I doubt that they would neglect it.

  17. Akismet seems to be doing fine on my blog, no comment spam has gotten through in the last week up to onw and Akismet is the lone anti-spam tool I’m currently using.

    I’m not free from spam attacks though, true to the spike of spam attacks in the last week, I’ve been bombarded with spam messages via the ‘Contact Me’ page which is powered by a plugin of the same/similar name. I guess the spammers have worked out an advantage this time around, I wonder how the anti-spammers would fight back.

  18. I’ve had such serious issues with spam getting past Akismet, that last week I turned off the feature to be told when a comment had been sent to moderation, though I didn’t have trouble today. (I am sending all comments to moderation automatically as a “first line of defense”). Just the comments that Akismet didn’t catch was reaching a level equal to about half my actual page views, the number of uncaught spam comments getting past Akismet is about 150 times the legitimate comments and the amount of spam it is catching is something like 5 times the number of legitimate visits to the blog. The worst part though is that the spam it isn’t catching is all stuff that uses terms I have in my blacklist all associated with the pharmaceutical, gaming and adult entertainment industries – stuff that wouldn’t get through if I was just using WordPress out of the box. On the other hand, Spam Karma 2 was using so much in the way of server resources for just one blog that I was looking at needing a dedicated server for every moderate traffic blog.

  19. I think for Akismet, if the server is getting stressed and timed out on the spam checking request, Akismet plugin will give up trying and approve the comment (or put it into moderation queue).

    Might be a problem with Akismet’s centralised design. Now it gets me thinking — what if Akismet gets DDoS by the bot-net hired by blackhat spammers?

  20. Have you tried Bad Behavior yet? I think it works better then Askimet.

  21. You should get some sort of refund from that AKismet corporate license you got a few months back. =)

  22. Seems like the best solution would be to use a preemptive intelligence check rather than hope to filter it out afterwards using something like Akismet.

    I noticed the comments preview plugin for WP lets you create your own captcha (should stop bots being able to use premade captcha busters), and I’ve also seen a basic question/answer (eg: What colour is an orange?) being used quite effectively on some blogs. The latter would probably be a lot more gentle on server load.

    I get as uncomfortable about a system filtering comments as I do about something filtering my emails: not very! The risk of false positives is too much for my liking. :~

  23. I noticed a larger spike of spam today, but Akismet caught it all. Not too bad though – only like 13 spam comments.

  24. Haven’t even noticed a blip in Akismet’s coverage….

  25. Darren at Problogger has been noticing the explosion of comment spam. I too have see it.

    Something must have definitely happened at Akisment….

  26. This actually started for me just over a week ago. Strangely enough, only blogs on certain subdomains are getting slammed. A lot of the comments actually seem to have nofollow in the links (!) and/or nonsense URLs like “http://www.kluyfvkutdckudf.com/kgxiyyr” (that’s a fake URL) or some such. Very weird.

  27. I too am seeing a flux of spams. My 15 day count has jumped to 10, 000. It is however less severe than about a month back when it jumped to 25, 000.
    None of my spams get to even the moderation queue because I use Akismet in conjunction with a strong but safe comment blacklist. I do not however block comment from open and insecure proxies.

  28. I have seen this going on for several days actually non stop.

    My Internet marketing blog gets hit very heavily though compared to my other blogs, and it is getting rather out of hand

  29. Using Akistmet + Bad Behaviour, and I haven’t noticed any peak in spam. Crossing fingers.

  30. Hey darren-

    Just append that to your .htaccess file.

  31. I use SK2 + BB2. Akismet is alright, but I find SK2 to be WAY more effective, especially when you combine SK2 and Akismet. :)

  32. I had a huge surge in attempted comment spam the past few days too. 100% of it was blocked, but there was still enough to notice a serious load on the server. I blocked several offending IPs but the spam was clearly coming in from a botnet with a huge number of machines in different places.

    Like others have mentioned, this new attack only hit a couple of my (high pagerank) sites, so those who aren’t having trouble might not have been targetted yet…

    I use WP Hashcash, which successfully blocked over a thousand spam comments on the worst day and hasn’t let a single one through in this attack. I haven’t used Akismet so I can’t answer to that.

  33. All my blog are being spammed twice a day, with 12-hour intervals, usually between 5AM and 9AM EST. Usually it peaks at 400/450% extra pageviews and 250% unique visitors, it’s a big bot farm, I guess.

    Akismet (IPraise Thy Name) blocks almost everything. Bad Beahviour takes it’s share, too. The price is low, one or two false positives.

  34. I also receive abundance of spam last week. I installed the SpamKarma 2 plugins, and it finally stop pouring in! Hooray!

  35. I have been getting hit hard, but very few get through both akismet and my moderation queue. I have a good list of keywords to auto-cause moderation, and a smaller list of keywords to blacklist in a comment.

  36. Akismet missed it’s first comment spam Sunday on my blog. It was easy enough to spot. I have no idea why anyone would think that would help them.

  37. Whitelist, Blacklist, Greylist…

    I recently got into a spirited discussion about Akismet. What is Akismet? When a new comment, trackback, or pingback comes to your blog it is submitted to the Akismet web service which runs hundreds of tests on the comment……

  38. wow there is a spam blocker named after me?

A Practical Podcast… to Help You Build a Better Blog

The ProBlogger Podcast

A Practical Podcast…