Comments return

Thanks for all of your comments on… my comments. I got about a dozen comments and they were all great. I implemented the following:

1. Create content that sucks. That way, you aren’t a good target. (I thought I was already doing that, but will redouble my efforts.)

2. Block a set of IPs recommended by Dreamhost. This kind of sucks. I sure don’t want to block all of Poland, India, and China (where 90% of my attacks are coming from), but I’ve set up htaccess with a blocklist, and will continue to do check periodically for serious offenders.

3. Someone pointed me to some ways of using mod_security to limit who has access to the comment post script. Unfortunately, I can’t figure out how to do this (if it’s possible at all) on my shared server at Dreamhost.

4. Move the scripts from the default names. This is probably the most obvious one, and should have been done a long time ago.

5. CAPTCHA. I don’t know why Dreamhost suggested this, but I’ve done it. I had initially planned to do a “real” CAPTCHA, but I like Eszter’s approach much better. We’ll see how that works out.

Please let me know if you have any trouble commenting.

Oh, and Booo, Dreamhost Support for cutting off my comments and then not replying to my emails… Given that WordPress is a one-click install on Dreamhost, you would think they would set up their WordPress with some of these things already lined up.

When my hosting runs up, I’m going to set up a server at home instead.

This entry was posted in Uncategorized and tagged . Bookmark the permalink. Post a comment or leave a trackback: Trackback URL.

2 Comments

  1. Posted 12/30/2006 at 12:44 pm | Permalink

    yay

  2. Posted 12/30/2006 at 12:45 pm | Permalink

    So is a cerebral enema anything like an oral exam?

Post a Comment

Your email is never published nor shared. Required fields are marked *

*
*

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>