WordPress Spam Defence and Cache Plugins – BadBehaviour and WP-Cache 2

In an attempt to trim down the load on my little Xen hosted box I’ve now added another two plugins to my install here after finding good recommendations for them out on the web.

The first is the Bad Behaviour plugin that sites like WordPress.com use to defend against blog spammers. This is your first line of defence against those evil people who believe they have a right to abuse your blog – the plugin analyses the incoming HTTP requests looking for known spambot patterns and then blocks them with a 412 error. This doesn’t rely on User-Agent and Referrer headers (though it does use them), but instead watches their pattern of behaviour. Been running it for a few hours and I’m seeing a bunch of 412’s and going back in my logs I can see odd (non-human) behaviour from those IP’s in the past few days, so it’s looking good. Anyway, no new comment spam since I added it, we’ll see how it goes after a few days. 🙂

The second is WP-Cache 2, a rather clever cacheing system for WordPress that will generate a static copy of a page the first time it is accessed and then serve those up to people for the next (configurable) number of seconds (defaulting to 3600, being 1 hour). The installation needs a few manual steps to get working, but it’s not rocket science – plus it’s supported by Bad Behaviour including (with a single added line of PHP) the ability to stop the spambots from harvesting from your cached static pages. You can look at which pages were cached when and when they will expire, plus opt to delete single or all cached pages. It also doesn’t have problems if a logged in user is the one who generates the cached page, it won’t serve that info up to another user but will generate a different page for them instead (and cache both versions). It will also cache your RSS/ATOM feeds too, saving your site from having to regenerate them each time someone requests them.

It’ll be interesting to see how it copes when I post this article – will it appear immediately or will it not be seen until the cache expires ? 🙂

Update: It appeared immediately!

2 thoughts on “WordPress Spam Defence and Cache Plugins – BadBehaviour and WP-Cache 2

  1. I also use WP-Cache2 and you’ll soon notice one key flaw. It breaks StatTraq and thus MostWanted.

    The breakage happens becuase the action hook that stattraq uses is never called – the cache takes over before it gets a chance to fire, so no log is generated.

    I work aroudn this by adding a tiny bit of code to wp-settings, but a better solution woudl probably be to get onto the WP-Cache folk and ask about having a “cache-hit” action fiting whenever the cache is used.

  2. Pingback: Elliott Back

Comments are closed.