If your blog is being hammered with comment spam, it will get slower and slower as your database gets bloated with hundreds of thousands of spammy comments.
At some point your site will get so slow and will consume so many resources that your web hosting provider may shut it down temporarily and ask you to address the situation.
In order to avoid this happening we recommend the following 2 measures:
- Do NOT enable trackback. It’s the spammers’ favorite method for hitting you.
- Make sure all new comments are in DRAFT status by default. This makes you a much less interesting target for spammers
Go to Blog Settings > Features > Comments and do the following:
- Uncheck the "Trackbacks" checkbox.
- Temporarily set "Comment Posting by" to "Not Allowed".
Do this for all blogs on your system.
This will immediately stop allowing new comment INSERTs to the database. Comment INSERTs are what takes the most resources because after every comment insert, several indexes need to be updated.
At this point the load should go down quickly and your blog should start to be responsive again within 10 to 60 seconds.
Now you can go to the comments management screens and start removing the spam.
The most effective way is probably to click the ban icons which will trigger the antispam tool to search the URLs left by spammers against all comments on the system. This will allow you to delete hundreds of similar comments at a time and also blacklist the URLs against future spam attempts.
Depending on how many spam has been let in, it may take a few hours to clean up all the spam. (If you would like a "Spam bankrupcy" button that deletes ALL your comments (including non spam), please let us know and we will implement such a radical feature.)
The b2evolution team is taking spam very seriously. Each new version adds additional difficulties for spammers to target your blog. Therefore, we recommend you always upgrade to the latest version which will make you a less desirable target for spam.
Once you are up to date you may reopen comments, but always leave the default status as DRAFT.
What if I strengthened my comment policy and I cleaned up but I’m still getting hammered by spammers *trying* to post spam?
First we want to stress that spammers evolve in their technique and that you should really upgrade to the latest version of b2evolution so you also have access to the latest antispam techniques. This will filter out a significant amount of automated spam.
Then, you may also install a CAPTCHA plugin in order to slow down manual spammers. Note this will annoy legitimate users as well.
It may also help to have your comments closed for a few weeks or even months so that the spambots and spam tools out there realize it is no longer possible to spam your site. It may take time for them to update their target lists. Make it clear there has been a significant change in the spam handling of your site.
In b2evolution v5 you may also want to temporarily disable the page displaying the latest comments, as this one also seems to attract spammers who are searching for sites to spam in Google.