Security

For some reason, there seems to be a band of zombie compromised systems out on the internet that keep trying to exploit an old s9y (the blogging software used here) bug that has been patched/fixed for years. I realize there can be really old copies of s9y around, but this isn't one of them.

So, if the site seems slow, it is probably due to all the bogus requests coming into comment.php. I've been doing some .htaccess magic to punt 99% of them off the server, but of course, they always add more and different IPs into the mix as time goes on.

I don't like disabling comments and I don't like enabling CAPTCHAs, and so far, my efforts have blocked 99.99% of the trackback and comment spam without the need of other measures. I would say one comment every other month slips by the automated system and gets flagged as a 'needs moderation' comment.

Considering that this site seems to get numerous comment spams per second, that is a pretty good track record.